Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

access denied with PRIVATE_STORAGE_AUTH_FUNCTION = 'private_storage.permissions.allow_authenticated' #46

Open
aravindmrao opened this issue Dec 12, 2019 · 2 comments
Open

access denied with PRIVATE_STORAGE_AUTH_FUNCTION = 'private_storage.permissions.allow_authenticated' #46

aravindmrao opened this issue Dec 12, 2019 · 2 comments

Comments

@aravindmrao
Copy link

uploading private files works just fine but, I want my users who are logged in to the app to be able to download the file from S3.
does this PRIVATE_STORAGE_AUTH_FUNCTION = 'private_storage.permissions.allow_authenticated' enable that? am I missing something here?
@vdboor
Copy link
Member

vdboor commented Jan 14, 2020

what is the error you get?

@kotofey-da-powah
Copy link

Don't know if my problem is same as @aravindmrao, but I found strange behavior.

First I created my own access function that work pretty fine, but later I discovered that some users get 403 error while function worked correctly.

Then I commented out my access function and set allow_authenticated in settings and started to check my logs.
So, I find out that user requests are duplicating one or more times, and some of them are proceeded from AnonymousUser in same time and same User Agent, as a result they get 403 error and can't download file.

Here is the case, others may vary from this, but same point.

User Ахметшина have access: True
 - - [11/Apr/2020:09:23:20 +0300] "GET /esterhazi/pdf/print HTTP/1.0" 200 0 "https://mydomain.ru/esterhazi/view" "Mozilla/5.0 (Linux; Android 7.1.2; Redmi 5 Plus Build/N2G47H; wv) AppleWebKit/537
User Ахметшина have access: True
 - - [11/Apr/2020:09:23:23 +0300] "GET /esterhazi/pdf/print HTTP/1.0" 200 0 "http://instagram.com/" "Mozilla/5.0 (Linux; U; Android 7.1.2; ru-ru; Redmi 5 Plus Build/N2G47H) AppleWebKit/537.36 (KHTML,
User AnonymousUser have access: False
 - - [11/Apr/2020:09:23:26 +0300] "GET /esterhazi/pdf/print HTTP/1.0" 403 135 "http://instagram.com/" "Mozilla/5.0 (Linux; U; Android 7.1.2; ru-ru; Redmi 5 Plus Build/N2G47H) AppleWebKit/537.36 (KHTM
User AnonymousUser have access: False
 - - [11/Apr/2020:09:23:34 +0300] "GET /esterhazi/pdf/print HTTP/1.0" 403 135 "http://instagram.com/" "Mozilla/5.0 (Linux; U; Android 7.1.2; ru-ru; Redmi 5 Plus Build/N2G47H) AppleWebKit/537.36 (KHTM
User AnonymousUser have access: False
 - - [11/Apr/2020:09:23:35 +0300] "GET /esterhazi/pdf/print HTTP/1.0" 403 135 "http://instagram.com/" "Mozilla/5.0 (Linux; U; Android 7.1.2; ru-ru; Redmi 5 Plus Build/N2G47H) AppleWebKit/537.36 (KHTM
User AnonymousUser have access: False
 - - [11/Apr/2020:09:23:45 +0300] "GET /esterhazi/pdf/print HTTP/1.0" 403 135 "http://instagram.com/" "Mozilla/5.0 (Linux; U; Android 7.1.2; ru-ru; Redmi 5 Plus Build/N2G47H) AppleWebKit/537.36 (KHTM
User AnonymousUser have access: False
 - - [11/Apr/2020:09:23:46 +0300] "GET /esterhazi/pdf/print HTTP/1.0" 403 135 "http://instagram.com/" "Mozilla/5.0 (Linux; U; Android 7.1.2; ru-ru; Redmi 5 Plus Build/N2G47H) AppleWebKit/537.36 (KHTM
User Ахметшина have access: True
 - - [11/Apr/2020:09:24:00 +0300] "GET /esterhazi/pdf/print HTTP/1.0" 200 0 "https://mydomain.ru/esterhazi/view" "Mozilla/5.0 (Linux; Android 7.1.2; Redmi 5 Plus Build/N2G47H; wv) AppleWebKit/537
User Ахметшина have access: True
 - - [11/Apr/2020:09:24:01 +0300] "GET /esterhazi/pdf/print HTTP/1.0" 200 0 "http://instagram.com/" "Mozilla/5.0 (Linux; U; Android 7.1.2; ru-ru; Redmi 5 Plus Build/N2G47H) AppleWebKit/537.36 (KHTML,
User AnonymousUser have access: False
 - - [11/Apr/2020:09:24:10 +0300] "GET /esterhazi/pdf/print HTTP/1.0" 403 135 "http://instagram.com/" "Mozilla/5.0 (Linux; U; Android 7.1.2; ru-ru; Redmi 5 Plus Build/N2G47H) AppleWebKit/537.36 (KHTM

One more:

User Инна have access: True
 - - [11/Apr/2020:18:57:10 +0300] "GET /4-torta/pdf/print HTTP/1.0" 200 0 "https://mydomain.ru/4-torta/view" "Mozilla/5.0 (Linux; Android 8.1.0; Aquaris X Pro Build/OPM1.171019.026; wv) AppleWebK
User AnonymousUser have access: False
 - - [11/Apr/2020:18:57:11 +0300] "GET /4-torta/pdf/print HTTP/1.0" 403 135 "-" "Mozilla/5.0 (Linux; Android 8.1.0; Aquaris X Pro) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.162 Mobile S

Here's my view:

class BasePDFView(PrivateStorageDetailView):
    model = BaseContent
    content_type = "application/pdf"
    content_disposition = "attachment"

Also found out that cases mostly attached to Xiaomi or Samsung User Agents, don't know really why this happening.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@vdboor @kotofey-da-powah @aravindmrao