tanner/spaceport
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Add santiy check to backup download

Browse Source
This commit is contained in:
Tanner Collin 2020-05-01 01:21:06 +00:00
parent d99e4e3b23
commit def5c31d0b
1 changed files with 5 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
apiserver/apiserver/api/views.py
View File

@ -7,6 +7,7 @@ from django.db.models import Max
from django.http import HttpResponse, Http404 from django.http import HttpResponse, Http404
from django.core.files.base import File from django.core.files.base import File
from django.core.cache import cache from django.core.cache import cache
from django.utils.timezone import now
from rest_framework import viewsets, views, mixins, generics, exceptions from rest_framework import viewsets, views, mixins, generics, exceptions
from rest_framework.decorators import action from rest_framework.decorators import action
from rest_framework.permissions import BasePermission, IsAuthenticated, SAFE_METHODS, IsAuthenticatedOrReadOnly from rest_framework.permissions import BasePermission, IsAuthenticated, SAFE_METHODS, IsAuthenticatedOrReadOnly
@ -409,6 +410,10 @@ class BackupView(views.APIView):
if not backup_path: if not backup_path:
raise Http404 raise Http404
if str(now().date()) not in backup_path:
# sanity check - make sure it's actually today's backup
raise Http404()
backup_url = 'https://static.{}/backups/{}'.format( backup_url = 'https://static.{}/backups/{}'.format(
settings.PRODUCTION_HOST, settings.PRODUCTION_HOST,
backup_path, backup_path,