2 changes: 1 addition & 1 deletion Dockerfile
Expand Up @@ -75,7 +75,7 @@ RUN mkdir -p /l/local/bin
RUN ln -s /usr/bin/unzip /l/local/bin/unzip
RUN ln -s /usr/bin/convert /l/local/bin/convert
RUN ln -s /usr/bin/plackup /l/local/bin/plackup
RUN /bin/bash -c 'for cmd in pamflip jpegtopnm tifftopnm bmptopnm pngtopam ppmmake pamcomp pnmscalefixed pamscale pnmrotate pnmpad pamtotiff pnmtotiff pnmtojpeg pamrgbatopng ppmtopgm pnmtopng; do ln -s /usr/bin/$cmd /l/local/bin; done'
RUN /bin/bash -c 'for cmd in pamflip jpegtopnm tifftopnm bmptopnm pngtopam ppmmake pamcomp pnmscalefixed pamscale pnmrotate pnmpad pamtotiff pnmtotiff pnmtojpeg pamrgbatopng ppmtopgm pnmtopng pamthreshold; do ln -s /usr/bin/$cmd /l/local/bin; done'

RUN mkdir /htapps/babel/cache
RUN chmod 4777 /htapps/babel/cache
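Review bot: `RUN chmod 4777 /htapps/babel/cache`, a context line at the end of this hunk that the commit leaves unchanged, sets the setuid bit on a world-writable directory rather than the sticky bit. On Linux the setuid bit has no effect on a directory, so any user in the container can remove or replace another user's cache entries. If shared-temp semantics were intended, `RUN chmod 1777 /htapps/babel/cache` provides them, and a narrower mode owned by the service account would be tighter still. The added `pamthreshold` symlink looks fine, assuming the package that supplies the other netpbm tools also installs it under `/usr/bin`.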
8 changes: 7 additions & 1 deletion imgsrv/lib/SRV/Image.pm
Expand Up @@ -87,10 +87,15 @@ sub run {
$self->_validate_params($env);

my $C = $$env{'psgix.context'};

my $mdpItem = $C->get_object('MdpItem');
my $gId = $mdpItem->GetId();
my $restricted = $$env{'psgix.restricted'};

# require an existing session
my $ses = $C->get_object('Session');
if ( $$ses{is_new} ) { $restricted = 1; }

# now we deal with extracting
my $cache_dir = SRV::Utils::get_cachedir();
my $logfile = SRV::Utils::get_logfile();
Expand Down Expand Up @@ -240,7 +245,8 @@ sub call_core {
Plack::Util::set_io_path($fh, Cwd::realpath($$output{filename}));
}

my $res = $req->new_response(200);
my $status = ( $$output{restricted} ) ? 403 : 200;
my $res = $req->new_response($status);
$res->content_type($$output{mimetype});
$res->header('X-HathiTrust-ImageSize' => $$output{metadata}{width} . "x" . $$output{metadata}{height});

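Review bot: The new gate in `run`, `if ( $$ses{is_new} ) { $restricted = 1; }`, denies only when `is_new` is true, so a session object that is missing or lacks that key leaves `$restricted` at whatever `psgix.restricted` held. Whether `get_object('Session')` can return such a value is not visible here, but an access check is safer written to fail closed: `$restricted = 1 unless ( $ses && ! $$ses{is_new} );`. The same test is repeated in `SRV/Volume/Base.pm`, `SRV/Volume/HTML.pm` and `SRV/Volume/Image/Bundle.pm`, and a single shared helper would keep the four copies from drifting apart. In `call_core` the 403 is keyed on `$$output{restricted}`; the code that carries the local `$restricted` from `run` into `$output` lies outside both hunks, so that link is worth confirming.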
20 changes: 15 additions & 5 deletions imgsrv/lib/SRV/Volume/Base.pm
Expand Up @@ -477,17 +477,27 @@ sub _authorize {

unless ( defined $self->restricted ) {


my $C = $$env{'psgix.context'};
my $mdpItem = $C->get_object('MdpItem');
my $ar = $C->get_object('Access::Rights');
my $gId = $mdpItem->GetId();

# require a valid session
my $ses = $C->get_object('Session');

# limit to users in an existing session
if ( $$ses{is_new} ) {
$self->restricted(1);
} else {

my $final_access_status = $ar->assert_final_access_status($C, $gId);
my $download_access_status = $ar->get_single_page_PDF_access_status($C, $gId);
my $final_access_status = $ar->assert_final_access_status($C, $gId);
my $download_access_status = $ar->get_single_page_PDF_access_status($C, $gId);

my $restricted = ! ( ( $final_access_status eq 'allow' ) && ( $download_access_status eq 'allow' ) );

$self->restricted($restricted);
my $restricted = ! ( ( $final_access_status eq 'allow' ) && ( $download_access_status eq 'allow' ) );

$self->restricted($restricted);
}
}
}

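Review bot: In `_authorize` the session requirement sits inside `unless ( defined $self->restricted )`, so it is skipped whenever `restricted` already holds a value, including a false one. `SRV/Volume/HTML.pm` places the same `is_new` test ahead of its `defined` check. If anything can set `restricted` to 0 before `_authorize` runs (not visible in this hunk, which starts inside the sub), a request without an existing session would keep that value. Moving the `is_new` test above the `unless`, or adding a comment that names which callers pre-set `restricted` and with what values, would make the intended ordering explicit.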
10 changes: 9 additions & 1 deletion imgsrv/lib/SRV/Volume/HTML.pm
Expand Up @@ -65,12 +65,19 @@ sub run {
return { contents => "<div></div>", mimetype => 'text/html' };
}

# limit to users in a current session
my $ses = $C->get_object('Session');
if ( $$ses{is_new} ) {
$self->restricted(1);
}

my $restricted = $self->restricted;
unless ( defined $restricted ) {
# $restricted = $C->get_object('Access::Rights')->assert_final_access_status($C, $gId) ne 'allow';
$restricted = $$env{'psgix.restricted'};
}


# now we deal with extracting
my $cache_dir = SRV::Utils::get_cachedir();

Expand Down Expand Up @@ -180,7 +187,8 @@ sub call_core {
my $max_age = 86400; # 1 day = 60 * 60 * 24
my $cache_control = qq{max-age=$max_age};

my $res = $req->new_response(200);
my $status = ( $self->restricted ) ? 403 : 200;
my $res = $req->new_response($status);
$res->content_type($$target{mimetype} . ";charset=utf-8");

my $contents = encode_utf8($$target{contents});
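Review bot: In `call_core` the 403 is built right after `$cache_control` is set to `max-age=86400`. If that header is attached to every response (the lines that do so fall outside the hunk), a client refused before it has a session can keep replaying the cached 403 for a day after it obtains one. Making the denial uncacheable would avoid that, e.g. `my $cache_control = $self->restricted ? 'no-store' : qq{max-age=$max_age};`. In `run`, the early `return { contents => "<div></div>", ... }` precedes the new session check; that looks harmless because it returns an empty element, but a short comment saying so would help the next reader.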
7 changes: 3 additions & 4 deletions imgsrv/lib/SRV/Volume/Image/Bundle.pm
Expand Up @@ -92,12 +92,11 @@ sub _authorize {

$self->SUPER::_authorize($env);
unless ( $self->restricted ) {
# technically the user has access but we need to
# limit resources for bundling to users in a current session
# unless you're using XYZZY=1 on the command line
my $C = $$env{'psgix.context'};
# limit to users in a current session
my $ses = $C->get_object('Session');
if ( $$ses{is_new} && ! $ENV{XYZZY} ) { $self->restricted(1); }
if ( $$ses{is_new} ) { $self->restricted(1); }
# limit TIFF bundling to 10 pages
elsif ( $self->format eq 'image/tiff' && $self->total_pages > 10 ) {
$self->restricted(1);
}
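Review bot: With `SUPER::_authorize` now applying the session gate (assuming the parent is `SRV::Volume::Base`, which this hunk does not show), the `if ( $$ses{is_new} ) { $self->restricted(1); }` branch here fires only when the parent skipped its own check because `restricted` was already defined. If it is kept as a second line of defence, the comment should say so, e.g. `# parent checks this too; repeated in case restricted was pre-set`. Dropping the `XYZZY` override removes an environment-controlled bypass, which is a sound change. Any command-line job that relied on it will now be refused, and that deserves a line in the PR description.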
2 changes: 1 addition & 1 deletion mdp-lib/Institutions.pm
Expand Up @@ -329,7 +329,7 @@ sub get_idp_list {
$seen{$$hash_ref{inst_id}} = 1;

my $host = $ENV{'HTTP_HOST'} || 'localhost';
my $idp_url = $hash_ref->{template};
my $idp_url = $hash_ref->{template} || 'https://default.invalid';
$idp_url =~ s,___HOST___,$host,;
$idp_url =~ s,&amp;,&,;

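Review bot: The fallback `|| 'https://default.invalid'` silently gives an institution with no `template` a placeholder URL, and nothing in this hunk logs that or keeps the entry out of the list (the rest of `get_idp_list` is outside the hunk). `.invalid` is a reserved name, so the link cannot resolve, but a user could still be shown a dead IdP entry. Consider logging the `inst_id` or skipping the row, and add a comment such as `# no template configured: unresolvable placeholder, avoids undef in the substitutions below`. Separately, `$host` comes from the client-supplied `HTTP_HOST` header and is substituted into the URL on the following lines; that predates this commit, but it is worth confirming the value is restricted to known hosts upstream.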
24 changes: 12 additions & 12 deletions pt/web/firebird/tests/imgsrv_download.spec.js
Expand Up @@ -11,7 +11,7 @@ test.describe('imgsrv download', () => {
test('download whole item pdf, full resolution', async ({ request, page }) => {
var currentTime = new Date().getTime();

const initialResponse = await request.get(
const initialResponse = await page.context().request.get(
'http://apache:8080/cgi/imgsrv/download/pdf?id=test.pd_open&callback=tunnelCallback&_=' + currentTime
);
const initialBody = await initialResponse.text();
Expand All @@ -33,7 +33,7 @@ test.describe('imgsrv download', () => {
let done = false;

while (done == false) {
const callbackResponse = await request.get('http://apache:8080' + callbackUrl);
const callbackResponse = await page.context().request.get('http://apache:8080' + callbackUrl);
const callbackJson = await callbackResponse.json();

if (callbackJson.status == 'DONE') {
Expand All @@ -47,7 +47,7 @@ test.describe('imgsrv download', () => {
}
}

const downloadResponse = await request.get('http://apache:8080' + downloadUrl);
const downloadResponse = await page.context().request.get('http://apache:8080' + downloadUrl);
const downloadHeaders = downloadResponse.headers();
const downloadBody = await downloadResponse.text();

Expand All @@ -57,10 +57,10 @@ test.describe('imgsrv download', () => {
expect(downloadBody.length).toBeGreaterThan(512 * 1024);
});

// test('download epub', async ({ request, page }) => {
// test('download epub', async ({ request, page }) => {
// var currentTime = new Date().getTime();
//
// const initialResponse = await request.get(
// const initialResponse = await page.context().request.get(
// 'http://apache:8080/cgi/imgsrv/download/epub?id=test.pd_open&callback=tunnelCallback&_=' + currentTime
// );
// const initialBody = await initialResponse.text();
Expand All @@ -79,7 +79,7 @@ test.describe('imgsrv download', () => {
// let done = false;
//
// while (done == false) {
// const callbackResponse = await request.get('http://apache:8080' + callbackUrl);
// const callbackResponse = await page.context().request.get('http://apache:8080' + callbackUrl);
// const callbackJson = await callbackResponse.json();
//
// if (callbackJson.status == 'DONE') {
Expand All @@ -93,7 +93,7 @@ test.describe('imgsrv download', () => {
// }
// }
//
// const downloadResponse = await request.get('http://apache:8080' + downloadUrl);
// const downloadResponse = await page.context().request.get('http://apache:8080' + downloadUrl);
// const downloadHeaders = downloadResponse.headers();
// const downloadBody = await downloadResponse.text();
//
Expand All @@ -106,7 +106,7 @@ test.describe('imgsrv download', () => {
test('download single tiff current page, full resolution', async ({ request, page }) => {
// no callback tunnel on single tiff

const downloadResponse = await request.get(
const downloadResponse = await page.context().request.get(
'http://apache:8080/cgi/imgsrv/image?id=test.pd_open&attachment=1&tracker=D1&format=image/tiff&size=full&seq=1'
);
const downloadHeaders = downloadResponse.headers();
Expand All @@ -121,7 +121,7 @@ test.describe('imgsrv download', () => {
test('download single page jpeg, high resolution', async ({ request, page }) => {
//no callback tunnel on single pages

const downloadResponse = await request.get(
const downloadResponse = await page.context().request.get(
'http://apache:8080/cgi/imgsrv/image?id=test.pd_open&attachment=1&tracker=D1&format=image/jpeg&size=ppi:300&seq=2'
);
const downloadHeaders = downloadResponse.headers();
Expand All @@ -135,7 +135,7 @@ test.describe('imgsrv download', () => {
test('download selected pages jpeg, full resolution', async ({ request, page }) => {
//no callback tunnel on non-tiff selections <11 pages

const downloadResponse = await request.get(
const downloadResponse = await page.context().request.get(
'http://apache:8080/cgi/imgsrv/image?id=test.pd_open&attachment=1&tracker=D1&format=image/jpeg&target_ppi=0&seq=1&seq=2'
);
const downloadHeaders = downloadResponse.headers();
Expand All @@ -149,7 +149,7 @@ test.describe('imgsrv download', () => {
expect(downloadBody.length).toBeGreaterThan(1);
});
test('download pdf with bogus seq', async ({ request, page }) => {
const initialResponse = await request.get(
const initialResponse = await page.context().request.get(
'http://apache:8080/cgi/imgsrv/download/pdf?id=test.pd_open&attachment=1&tracker=D1&seq=mashed_potatoes'
);
expect(initialResponse.status()).toEqual(200);
Expand All @@ -172,7 +172,7 @@ test.describe('imgsrv download', () => {
expect(downloadBody.length).toBeGreaterThan(1);
});
test('download single selected page txt', async ({ request, page }) => {
const downloadResponse = await request.get(
const downloadResponse = await page.context().request.get(
'http://apache:8080/cgi/imgsrv/download/plaintext?id=test.pd_open&attachment=1&tracker=D5&seq=2'
);
const downloadHeaders = downloadResponse.headers();
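Review bot: Every call now goes through `page.context().request`, which shares the page's cookies, but no navigation that would create a session is visible in these hunks. Unless a `beforeEach` like the one in `imgsrv_session.spec.js` exists above line 11 of this file, these requests arrive without a session cookie and should now receive 403 instead of the statuses asserted here. The `request` fixture in each `async ({ request, page })` signature appears to be unused after this change and can be dropped, e.g. `async ({ page })`. The commented-out epub test was edited as well; removing or re-enabling it would be cleaner than maintaining dead code.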
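--- a/pt/web/firebird/tests/imgsrv_session.spec.js
+++ b/pt/web/firebird/tests/imgsrv_session.spec.js
@@ -0,0 +1,70 @@
+import { expect, test } from '@playwright/test';
+
+test.describe('imgsrv requires session', () => {
+
+test.describe('without session', () => {
+test('download full pdf', async ({ request }) => {
+var currentTime = new Date().getTime();
+
+const response = await request.get(
+'http://apache:8080/cgi/imgsrv/download/pdf?id=test.pd_open&callback=tunnelCallback&_=' + currentTime
+);
+
+expect(response.status()).toEqual(403)
+});
+
+test('download single page pdf', async ({ request }) => {
+const response = await request.get(
+'http://apache:8080/cgi/imgsrv/download/image?id=test.pd_open&attachment=1&tracker=D1&format=image%2Ftiff&target_ppi=0&seq=2'
+);
+expect(response.status()).toEqual(403);
+});
+
+test('page image, full resolution', async ({ request }) => {
+const response = await request.get(
+'http://apache:8080/cgi/imgsrv/image?id=test.pd_open&size=full&seq=1'
+);
+
+expect(response.status()).toEqual(403);
+});
+
+test('page image, default resolution', async ({ request }) => {
+const response = await request.get(
+'http://apache:8080/cgi/imgsrv/image?id=test.pd_open&seq=1'
+);
+
+expect(response.status()).toEqual(403);
+});
+
+test('page ocr', async ({ request }) => {
+const response = await request.get(
+'http://apache:8080/cgi/imgsrv/html?id=test.pd_open&seq=1'
+);
+
+expect(response.status()).toEqual(403);
+});
+});
+
+test.describe('with session', () => {
+// make sure we have appropriate session cookies etc before calling imgsrv
+test.beforeEach(async ({ page }) => {
+await page.goto('/cgi/pt?id=test.pd_open');
+//accept the cookie banner before each test
+await page.getByRole('button', { name: 'Allow all cookies' }).click();
+});
+
+test('page image', async ({ request, page }) => {
+const response = await page.context().request.get(
+'http://apache:8080/cgi/imgsrv/image?id=test.pd_open&seq=1'
+);
+expect(response.status()).toEqual(200);
+});
+
+test('ocr', async ({ request, page }) => {
+const response = await page.context().request.get(
+'http://apache:8080/cgi/imgsrv/html?id=test.pd_open&seq=1'
+);
+expect(response.status()).toEqual(200);
+});
+});
+});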
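Review bot: The `without session` tests assert only the status code, while the `call_core` changes in `SRV/Image.pm` and `SRV/Volume/HTML.pm` alter the status and still set a content type on the response. Adding a body assertion to at least the image and OCR cases, for instance that the 403 body differs from the body returned with a session, would confirm the denial does not carry page content. The test titled `download single page pdf` requests `/download/image` with `format=image%2Ftiff`, so the title should be corrected. The `with session` tests also take a `request` fixture they never use.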