diff --git a/controller/Files.py b/controller/Files.py index 5737747..12d1199 100644 --- a/controller/Files.py +++ b/controller/Files.py @@ -339,20 +339,16 @@ class Files( object ): @end_transaction @validate( access_id = Valid_id(), - item_number = Valid_int(), ) - def download_product( self, access_id, item_number ): + def download_product( self, access_id ): """ Return the contents of downloadable product file. @type access_id: unicode @param access_id: id of download access object that grants access to the file - @type item_number: int or int as unicode - @param item_number: number of the downloadable product @rtype: generator @return: file data - @raise Access_error: the access_id is unknown, doesn't grant access to the file, or the - item_number is unknown + @raise Access_error: the access_id is unknown or doesn't grant access to the file """ # release the session lock before beginning to stream the download. otherwise, if the # download is cancelled before it's done, the lock won't be released @@ -361,21 +357,21 @@ class Files( object ): except ( KeyError, OSError ): pass - # find the product corresponding to the given item_number + # load the download_access object corresponding to the given id + download_access = self.__database.load( Download_access, access_id ) + if download_access is None: + raise Access_error() + + # find the product corresponding to the item_number products = [ product for product in self.__download_products - if unicode( item_number ) == product.get( u"item_number" ) + if unicode( download_access.item_number ) == product.get( u"item_number" ) ] if len( products ) == 0: raise Access_error() product = products[ 0 ] - # load the download_access object corresponding to the given id - download_access = self.__database.load( Download_access, access_id ) - if download_access is None: - raise Access_error() - public_filename = product[ u"filename" ].encode( "utf8" ) local_filename = u"products/%s" % product[ u"filename" ] diff --git a/controller/Root.py b/controller/Root.py index a3dc8f9..220ee7b 100644 --- a/controller/Root.py +++ b/controller/Root.py @@ -175,7 +175,7 @@ class Root( object ): raise cherrypy.NotFound return dict( - redirect = u"/users/download_thanks/access_id=%s" % download_access_id, + redirect = u"/users/thanks_download?access_id=%s" % download_access_id, ) @expose( view = Front_page ) diff --git a/controller/Users.py b/controller/Users.py index 71ede4c..f6844be 100644 --- a/controller/Users.py +++ b/controller/Users.py @@ -1385,7 +1385,7 @@ class Users( object ): u"To download the installer, please follow this link:\n\n" + \ u"%s/d/%s\n\n" % ( self.__https_url or self.__http_url, download_access_id ) + \ u"You can use this link anytime to download Luminotes Desktop or upgrade\n" + \ - u"to new versions as they are released. So you should probably keep the" + \ + u"to new versions as they are released. So you should probably keep the\n" + \ u"link around.\n\n" + \ u"If you have any questions, please email support@luminotes.com\n\n" + \ u"Enjoy!" @@ -1576,31 +1576,26 @@ class Users( object ): def thanks_download( self, **params ): """ Provide the information necessary to display the download thanks page, including a product - download link. This information can be accessed with an item_number and either a txn_id or a - download access_id. + download link. This information can be accessed with either a tx (transaction id) or a download + access_id. """ - item_number = params.get( u"item_number" ) - try: - item_number = int( item_number ) - except ( TypeError, ValueError ): - raise Payment_error( u"invalid item_number", params ) - - # if a valid txn_id is provided, redirect to this page with the corresponding access_id. + # if a valid tx is provided, redirect to this page with the corresponding access_id. # that way, if the user bookmarks the page, they'll bookmark it with the access_id rather - # than the txn_id - txn_id = params.get( u"txn_id" ) - if txn_id: - if not self.TRANSACTION_ID_PATTERN.search( txn_id ): - raise Payment_error( u"invalid txn_id", params ) + # than the tx + tx = params.get( u"tx" ) + if tx: + if not self.TRANSACTION_ID_PATTERN.search( tx ): + raise Payment_error( u"invalid tx", params ) - download_access = self.__database.select_one( Download_access, Download_access.sql_load_by_transaction_id( txn_id ) ) + download_access = self.__database.select_one( Download_access, Download_access.sql_load_by_transaction_id( tx ) ) if download_access: return dict( - redirect = u"/users/thanks_download?access_id=%s&item_number=%s" % ( download_access.object_id, item_number ) + redirect = u"/users/thanks_download?access_id=%s" % download_access.object_id ) download_access_id = params.get( u"access_id" ) download_url = None + item_number = None if download_access_id: try: @@ -1610,13 +1605,12 @@ class Users( object ): download_access = self.__database.load( Download_access, download_access_id ) if download_access: - if download_access.item_number != unicode( item_number ): - raise Payment_error( u"incorrect item_number", params ) - download_url = u"%s/files/download_product/access_id=%s&item_number=%s" % \ - ( self.__https_url or u"", download_access_id, item_number ) + download_url = u"%s/files/download_product?access_id=%s" % \ + ( self.__https_url or self.__http_url, download_access_id ) + item_number = download_access.item_number - if not txn_id and not download_access_id: - raise Payment_error( u"either txn_id or access_id required", params ) + if not tx and not download_access_id: + raise Payment_error( u"either tx or access_id required", params ) anonymous = self.__database.select_one( User, User.sql_load_by_username( u"anonymous" ), use_cache = True ) if anonymous: @@ -1642,7 +1636,7 @@ class Users( object ): result[ "conversion" ] = "download_%s" % item_number # otherwise, display an auto-reloading "processing..." page else: - note = Processing_download_note( download_access_id, item_number, retry_count ) + note = Processing_download_note( download_access_id, retry_count ) result[ "notebook" ] = main_notebook result[ "startup_notes" ] = self.__database.select_many( Note, main_notebook.sql_load_startup_notes() ) diff --git a/controller/test/Test_files.py b/controller/test/Test_files.py index c5f1e75..6a59b36 100644 --- a/controller/test/Test_files.py +++ b/controller/test/Test_files.py @@ -347,7 +347,7 @@ class Test_files( Test_controller ): self.database.save( download_access ) result = self.http_get( - "/files/download_product?access_id=%s&item_number=%s" % ( access_id, item_number ), + "/files/download_product?access_id=%s" % access_id, session_id = self.session_id, ) @@ -381,7 +381,7 @@ class Test_files( Test_controller ): self.database.save( download_access ) result = self.http_get( - "/files/download_product?access_id=%s&item_number=%s" % ( access_id, item_number ), + "/files/download_product?access_id=%s" % access_id, ) headers = result[ u"headers" ] @@ -416,28 +416,7 @@ class Test_files( Test_controller ): self.database.save( download_access ) result = self.http_get( - "/files/download_product?access_id=%s&item_number=%s" % ( u"unknownid", item_number ), - session_id = self.session_id, - ) - - assert u"access" in result[ u"body" ][ 0 ] - headers = result[ u"headers" ] - assert headers - assert headers[ u"Content-Type" ] == u"text/html" - assert not headers.get( u"Content-Disposition" ) - - def test_download_product_unknown_item_number( self ): - access_id = u"wheeaccessid" - item_number = u"5000" - transaction_id = u"txn" - - self.login() - - download_access = Download_access.create( access_id, item_number, transaction_id ) - self.database.save( download_access ) - - result = self.http_get( - "/files/download_product?access_id=%s&item_number=%s" % ( access_id, u"1137" ), + "/files/download_product?access_id=%s" % u"unknown_id", session_id = self.session_id, ) @@ -459,7 +438,7 @@ class Test_files( Test_controller ): self.database.save( download_access ) result = self.http_get( - "/files/download_product?access_id=%s&item_number=%s" % ( access_id, item_number ), + "/files/download_product?access_id=%s" % access_id, session_id = self.session_id, ) diff --git a/controller/test/Test_root.py b/controller/test/Test_root.py index ccfdebe..81740f7 100644 --- a/controller/test/Test_root.py +++ b/controller/test/Test_root.py @@ -543,4 +543,4 @@ class Test_root( Test_controller ): download_access_id = u"foobarbaz" result = self.http_get( "/d/%s" % download_access_id ) - assert result[ u"redirect" ] == u"/users/download_thanks/access_id=%s" % download_access_id + assert result[ u"redirect" ] == u"/users/thanks_download?access_id=%s" % download_access_id diff --git a/controller/test/Test_users.py b/controller/test/Test_users.py index 8113a09..4b82a5e 100644 --- a/controller/test/Test_users.py +++ b/controller/test/Test_users.py @@ -4301,7 +4301,6 @@ class Test_users( Test_controller ): result = self.http_post( "/users/thanks_download", dict( access_id = access_id, - item_number = item_number, ), session_id = self.session_id ) assert result[ u"user" ].username == self.user.username @@ -4338,8 +4337,8 @@ class Test_users( Test_controller ): assert u"Download" in result[ u"notes" ][ 0 ].contents assert VERSION in result[ u"notes" ][ 0 ].contents - expected_download_link = u"%s/files/download_product/access_id=%s&item_number=%s" % \ - ( self.settings[ u"global" ][ u"luminotes.https_url" ], access_id, item_number ) + expected_download_link = u"%s/files/download_product?access_id=%s" % \ + ( self.settings[ u"global" ][ u"luminotes.https_url" ], access_id ) assert expected_download_link in result[ u"notes" ][ 0 ].contents def test_thanks_download_without_login( self ): @@ -4352,7 +4351,6 @@ class Test_users( Test_controller ): result = self.http_post( "/users/thanks_download", dict( access_id = access_id, - item_number = item_number, ) ) assert result[ u"user" ].username == self.anonymous.username @@ -4383,74 +4381,11 @@ class Test_users( Test_controller ): assert u"Download" in result[ u"notes" ][ 0 ].contents assert VERSION in result[ u"notes" ][ 0 ].contents - expected_download_link = u"%s/files/download_product/access_id=%s&item_number=%s" % \ - ( self.settings[ u"global" ][ u"luminotes.https_url" ], access_id, item_number ) + expected_download_link = u"%s/files/download_product?access_id=%s" % \ + ( self.settings[ u"global" ][ u"luminotes.https_url" ], access_id ) assert expected_download_link in result[ u"notes" ][ 0 ].contents - def test_thanks_download_invalid_item_number( self ): - access_id = u"wheeaccessid" - item_number = u"5000abc" - transaction_id = u"txn" - - download_access = Download_access.create( access_id, item_number, transaction_id ) - self.database.save( download_access ) - - self.login() - - result = self.http_post( "/users/thanks_download", dict( - access_id = access_id, - item_number = item_number, - ), session_id = self.session_id ) - - assert u"error" in result - - def test_thanks_download_none_item_number( self ): - access_id = u"wheeaccessid" - item_number = None - transaction_id = u"txn" - - download_access = Download_access.create( access_id, item_number, transaction_id ) - self.database.save( download_access ) - - self.login() - - result = self.http_post( "/users/thanks_download", dict( - access_id = access_id, - item_number = item_number, - ), session_id = self.session_id ) - - assert u"error" in result - - def test_thanks_download_missing_item_number( self ): - access_id = u"wheeaccessid" - transaction_id = u"txn" - - self.login() - - result = self.http_post( "/users/thanks_download", dict( - access_id = access_id, - ), session_id = self.session_id ) - - assert u"error" in result - - def test_thanks_download_incorrect_item_number( self ): - access_id = u"wheeaccessid" - item_number = u"5000" - transaction_id = u"txn" - - self.login() - - download_access = Download_access.create( access_id, item_number, transaction_id ) - self.database.save( download_access ) - - result = self.http_post( "/users/thanks_download", dict( - access_id = access_id, - item_number = u"1234", - ), session_id = self.session_id ) - - assert u"error" in result - - def test_thanks_download_txn_id( self ): + def test_thanks_download_tx( self ): access_id = u"wheeaccessid" item_number = u"5000" transaction_id = u"txn" @@ -4461,15 +4396,14 @@ class Test_users( Test_controller ): self.login() result = self.http_post( "/users/thanks_download", dict( - txn_id = transaction_id, - item_number = item_number, + tx = transaction_id, ), session_id = self.session_id ) redirect = result.get( u"redirect" ) - expected_redirect = "/users/thanks_download?access_id=%s&item_number=%s" % ( access_id, item_number ) + expected_redirect = "/users/thanks_download?access_id=%s" % access_id assert redirect == expected_redirect - def test_thanks_download_invalid_txn_id( self ): + def test_thanks_download_invalid_tx( self ): access_id = u"wheeaccessid" item_number = u"5000" transaction_id = u"invalid txn id" @@ -4480,8 +4414,7 @@ class Test_users( Test_controller ): self.login() result = self.http_post( "/users/thanks_download", dict( - txn_id = transaction_id, - item_number = item_number, + tx = transaction_id, ), session_id = self.session_id ) assert u"error" in result @@ -4495,7 +4428,6 @@ class Test_users( Test_controller ): result = self.http_post( "/users/thanks_download", dict( access_id = access_id, - item_number = item_number, ), session_id = self.session_id ) # an unknown transaction id might just mean we're still waiting for the transaction to come in, @@ -4541,7 +4473,6 @@ class Test_users( Test_controller ): result = self.http_post( "/users/thanks_download", dict( access_id = access_id, - item_number = item_number, retry_count = u"3", ), session_id = self.session_id ) @@ -4588,7 +4519,6 @@ class Test_users( Test_controller ): result = self.http_post( "/users/thanks_download", dict( access_id = access_id, - item_number = item_number, retry_count = u"16", ), session_id = self.session_id ) @@ -4626,7 +4556,7 @@ class Test_users( Test_controller ): assert u"Thank you" in result[ u"notes" ][ 0 ].contents assert u"confirmation" in result[ u"notes" ][ 0 ].contents - def test_thanks_download_not_yet_paid_txn_id( self ): + def test_thanks_download_not_yet_paid_tx( self ): access_id = u"wheeaccessid" item_number = u"5000" transaction_id = u"txn" @@ -4634,8 +4564,7 @@ class Test_users( Test_controller ): self.login() result = self.http_post( "/users/thanks_download", dict( - txn_id = transaction_id, - item_number = item_number, + tx = transaction_id, ), session_id = self.session_id ) # an unknown transaction id might just mean we're still waiting for the transaction to come in, @@ -4672,7 +4601,7 @@ class Test_users( Test_controller ): assert u"being processed" in result[ u"notes" ][ 0 ].contents assert u"retry_count=1" in result[ u"notes" ][ 0 ].contents - def test_thanks_download_not_yet_paid_txn_id_with_retry( self ): + def test_thanks_download_not_yet_paid_tx_with_retry( self ): access_id = u"wheeaccessid" item_number = u"5000" transaction_id = u"txn" @@ -4680,7 +4609,7 @@ class Test_users( Test_controller ): self.login() result = self.http_post( "/users/thanks_download", dict( - txn_id = transaction_id, + tx = transaction_id, item_number = item_number, retry_count = u"3", ), session_id = self.session_id ) @@ -4719,7 +4648,7 @@ class Test_users( Test_controller ): assert u"being processed" in result[ u"notes" ][ 0 ].contents assert u"retry_count=4" in result[ u"notes" ][ 0 ].contents - def test_thanks_download_not_yet_paid_txn_id_with_retry_timeout( self ): + def test_thanks_download_not_yet_paid_tx_with_retry_timeout( self ): access_id = u"wheeaccessid" item_number = u"5000" transaction_id = u"txn" @@ -4727,8 +4656,7 @@ class Test_users( Test_controller ): self.login() result = self.http_post( "/users/thanks_download", dict( - txn_id = transaction_id, - item_number = item_number, + tx = transaction_id, retry_count = u"16", ), session_id = self.session_id ) @@ -4766,27 +4694,22 @@ class Test_users( Test_controller ): assert u"Thank you" in result[ u"notes" ][ 0 ].contents assert u"confirmation" in result[ u"notes" ][ 0 ].contents - def test_thanks_download_missing_txn_id_missing_access_id( self ): - item_number = u"5000" - + def test_thanks_download_missing_tx_missing_access_id( self ): self.login() result = self.http_post( "/users/thanks_download", dict( - item_number = item_number, ), session_id = self.session_id ) assert u"error" in result def test_thanks_download_invalid_access_id( self ): access_id = u"invalid access id" - item_number = u"5000" transaction_id = u"txn" self.login() result = self.http_post( "/users/thanks_download", dict( access_id = access_id, - item_number = item_number, ), session_id = self.session_id ) assert u"error" in result diff --git a/view/Processing_download_note.py b/view/Processing_download_note.py index eb542a7..304e368 100644 --- a/view/Processing_download_note.py +++ b/view/Processing_download_note.py @@ -2,7 +2,7 @@ from Tags import Html, Head, Meta, H3, P class Processing_download_note( Html ): - def __init__( self, download_access_id, item_number, retry_count ): + def __init__( self, download_access_id, retry_count ): if not retry_count: retry_count = 0 @@ -13,8 +13,8 @@ class Processing_download_note( Html ): Head( Meta( http_equiv = u"Refresh", - content = u"2; URL=/users/thanks_download?access_id=%s&item_number=%s&retry_count=%s" % - ( download_access_id, item_number, retry_count ), + content = u"2; URL=/users/thanks_download?access_id=%s&retry_count=%s" % + ( download_access_id, retry_count ), ), ), H3( u"processing..." ),