only system manager can download backups
This commit is contained in:
Pratik Vyas
parent
ac82b5ba6e
commit
7668316916
5 changed files with 35 additions and 4 deletions
|
|
@ -58,6 +58,8 @@ def application(request):
|
|||
frappe.handler.handle()
|
||||
elif frappe.request.path.startswith("/api/"):
|
||||
frappe.api.handle()
|
||||
elif request.path.startswith('/backups'):
|
||||
frappe.utils.download_backup(request.path)
|
||||
elif frappe.local.request.method in ('GET', 'HEAD'):
|
||||
frappe.website.render.render(frappe.request.path[1:])
|
||||
else:
|
||||
|
|
|
|||
|
|
@ -167,9 +167,9 @@ def get_conf_params(db_name=None, db_password=None):
|
|||
|
||||
def make_site_dirs():
|
||||
site_public_path = os.path.join(frappe.local.site_path, 'public')
|
||||
site_private_path = os.path.join(frappe.local.site_path, 'private')
|
||||
for dir_path in (
|
||||
os.path.join(site_public_path, 'backups'),
|
||||
os.path.join(site_public_path, 'locks'),
|
||||
os.path.join(site_private_path, 'backups'),
|
||||
os.path.join(site_public_path, 'files')):
|
||||
if not os.path.exists(dir_path):
|
||||
os.makedirs(dir_path)
|
||||
|
|
|
|||
|
|
@ -18,3 +18,4 @@ execute:frappe.reset_perms("Module Def")
|
|||
frappe.patches.4_0.rename_sitemap_to_route
|
||||
frappe.patches.4_0.set_website_route_idx
|
||||
execute:import frappe.installer;frappe.installer.make_site_dirs() #2014-02-19
|
||||
frappe.patches.4_0.private_backups
|
||||
|
|
|
|||
|
|
@ -7,8 +7,11 @@ from __future__ import unicode_literals
|
|||
from werkzeug.test import Client
|
||||
import os
|
||||
import re
|
||||
import mimetypes
|
||||
import urllib
|
||||
|
||||
from werkzeug.wsgi import wrap_file
|
||||
from werkzeug.wrappers import Response
|
||||
from werkzeug.exceptions import NotFound, Unauthorized
|
||||
import frappe
|
||||
|
||||
no_value_fields = ['Section Break', 'Column Break', 'HTML', 'Table', 'FlexTable',
|
||||
|
|
@ -930,3 +933,28 @@ def touch_file(path):
|
|||
def get_test_client():
|
||||
from frappe.app import application
|
||||
return Client(application)
|
||||
|
||||
def download_backup(path):
|
||||
try:
|
||||
frappe.only_for(("System Manager", "Administrator"))
|
||||
except frappe.PermissionError:
|
||||
raise Unauthorized
|
||||
send_private_file(path)
|
||||
|
||||
def send_private_file(path):
|
||||
path = path[1:] if path.startswith('/') else path
|
||||
path = os.path.join(frappe.local.conf.get('private_path', 'private'), path)
|
||||
|
||||
if frappe.local.request.headers.get('X-Use-X-Accel-Redirect'):
|
||||
path = '/' + path
|
||||
frappe.local._response.headers['X-Accel-Redirect'] = path
|
||||
else:
|
||||
filename = os.path.basename(path)
|
||||
filepath = get_site_path(path)
|
||||
try:
|
||||
f = open(filepath, 'rb')
|
||||
except IOError:
|
||||
raise NotFound
|
||||
frappe.local._response = Response(wrap_file(frappe.local.request.environ, f))
|
||||
frappe.local._response.headers.add('Content-Disposition', 'attachment', filename=filename)
|
||||
frappe.local._response.headers['Content-Type'] = mimetypes.guess_type(filename)[0] or 'application/octet-stream'
|
||||
|
|
|
|||
|
|
@ -191,7 +191,7 @@ def is_file_old(db_file_name, older_than=24):
|
|||
|
||||
def get_backup_path():
|
||||
import os
|
||||
backup_path = frappe.utils.get_site_path(conf.get("backup_path", "public/backups"))
|
||||
backup_path = frappe.utils.get_site_path(conf.get("backup_path", "private/backups"))
|
||||
return backup_path
|
||||
|
||||
#-------------------------------------------------------------------------------
|
||||
|
|
|
|||
Loading…
Add table
Reference in a new issue