o hC_ @sddlZddlZddlZddlZddlZddlmZmZddlmZddlm Z ddl m Z m Z m Z ddlmZddlmZmZddlmZdd lmZdd lmZdd lmZmZdd lmZdd lmZm Z m!Z!m"Z"m#Z#m$Z$m%Z%zddl&Z'ddl(m)Z)ddl*m+Z+ddl,m-Z-Wne.yZ/zede/dZ/[/wwddZ0ddZ1e0e1fD]Z2ze2Z3Wn e.yYqwddZ3eGdddeZ4eGdddeZ5Gddde5Z6Gdddee6Z7dS) N)datetime timedelta)GzipFile)SpooledTemporaryFile) parse_qsl urlencodeurlsplit)ManifestFilesMixin)ImproperlyConfiguredSuspiciousOperation)File)deconstructible)filepath_to_uri)is_naive make_naive) BaseStorage)GzipCompressionWrappercheck_locationget_available_overwrite_name lookup_env safe_joinsettingto_bytes)Config) ClientError)CloudFrontSignerz&Could not load Boto3's S3 bindings. %scsFddlmddlmddlmddlmfdd}|S)Nr)default_backend)hashes)padding)load_pem_private_keycs:t|tr |d}|ddt|fddS)Nascii)passwordbackendcs|SN)signZPKCS1v15SHA1x)rkeyra/var/www/html/magazine_api/magazine_env/lib/python3.10/site-packages/storages/backends/s3boto3.py2szP_use_cryptography_signer.._cloud_front_signer_from_pem..) isinstancestrencoderkey_idpemrrrrr(r*_cloud_front_signer_from_pem+s  z>_use_cryptography_signer.._cloud_front_signer_from_pem)Zcryptography.hazmat.backendsrZcryptography.hazmat.primitivesrZ)cryptography.hazmat.primitives.asymmetricrZ,cryptography.hazmat.primitives.serializationrr4r)r2r*_use_cryptography_signer"s     r6csddlfdd}|S)Nrcs4t|tr |d}j|t|fddS)Nr cs|dS)NzSHA-1)r$r&)r(rsar)r*r+?szG_use_rsa_signer.._cloud_front_signer_from_pem..)r,r-r.Z PrivateKeyZ load_pkcs1rr/r7r3r*r4;s   z5_use_rsa_signer.._cloud_front_signer_from_pemr8r5r)r8r*_use_rsa_signer7s r9cCstd)NznAn RSA backend is required for signing cloudfront URLs. Supported backends are packages: cryptography and rsa.)r r/r)r)r*r4Ksr4cseZdZdZdddZeddZddZd d ZeeeZ fd d Z fd dZ fddZ eddZ ddZddZddZZS)S3Boto3StorageFileag The default file object used by the S3Boto3Storage backend. This file implements file streaming using boto's multipart uploading functionality. The file can be opened in read or write mode. This class extends Django's File class. However, the contained data is only the data contained in the current buffer. So you should not access the contained file object directly. You should access the data via this class. Warning: This file *must* be closed using the close() method in order to properly write the file to S3. Be sure to close the file in your application. NcCsd|vr d|vr td||_|t|jjdd|_||_d|vr(ddndd|_|j ||_ d|vr=|j d |_ d |_ d|_d|_d|_|pRtd d |_d |_dS) Nrwz"Can't combine 'r' and 'w' in mode./bcSs|Sr#r)r>r)r)r*r+jsz-S3Boto3StorageFile.__init__..cSs|Sr#)decoder?r)r)r*r+jsFrZAWS_S3_FILE_BUFFER_SIZEiP) ValueError_storagelenlocationlstripname_mode _force_modebucketObjectobjload _is_dirty_raw_bytes_written_file _multipart_partsr buffer_size_write_counter)selfrFmodeZstoragerRr)r)r*__init__ds   zS3Boto3StorageFile.__init__cCs|jjSr#)rKcontent_lengthrTr)r)r*size{zS3Boto3StorageFile.sizecCsz|jdur:t|jjdtdd|_d|jvr&d|_|j|j|j d|jj r:|jj dkr:t |j|jdd |_|jS) Nz.S3Boto3StorageFileZFILE_UPLOAD_TEMP_DIR)max_sizesuffixdirr;Frgzipg)rUfileobjmtime) rOrrBmax_memory_sizerrGrMrKZdownload_fileobjseekr^content_encodingrrXr)r)r* _get_files   zS3Boto3StorageFile._get_filecCs ||_dSr#)rO)rTvaluer)r)r* _set_file zS3Boto3StorageFile._set_filec*d|jvr td|tj|i|SNr;z!File was not opened in read mode.)rGAttributeErrorrHsuperreadrTargskwargs __class__r)r*rl zS3Boto3StorageFile.readcrhri)rGrjrHrkreadlinermrpr)r*rsrrzS3Boto3StorageFile.readlinecsd|jvr tdd|_|jdur$|jjdi|j|jj|_g|_ |j |j kr.| t |}|jt|7_t|S)Nr<z"File was not opened in write mode.Tr))rGrjrMrPrKZinitiate_multipart_uploadrB_get_write_parametersr(rQrR_buffer_file_size_flush_write_bufferrrNrCrkwrite)rTcontentZbstrrpr)r*rws     zS3Boto3StorageFile.writecCs4|j}|jdtj|j}|j||SNr)filetellrbosSEEK_END)rTposlengthr)r)r*rus   z$S3Boto3StorageFile._buffer_file_sizecCsv|jr9|jd7_|jd|j|j}|j|jd}|j |d|jd|jd|j dSdS)Nr)BodyETag)rZ PartNumber) rurSrzrbrPZPartZuploadrlrQappendtruncate)rTpartresponser)r)r*rvs  z&S3Boto3StorageFile._flush_write_bufferc Csd|jvsJ|jdksJz|jWdStyE}z#|jdddkr9|jjd ddi|j|jj nWYd}~dSd}~ww) a Attempt to create an empty file for this key when this File is closed if no bytes have been written and no object already exists on S3 for this key. This behavior is meant to mimic the behavior of Django's builtin FileSystemStorage, where files are always created after they are opened in write mode: f = storage.open('file.txt', mode='w') f.close() r<rResponseMetadataHTTPStatusCoderNr)) rGrNrKrLrrputrBrtr()rTerrr)r)r*_create_empty_on_closes  z)S3Boto3StorageFile._create_empty_on_closecCsv|jr||jjd|jidn|jdur|jd|jvr*|jdkr*||j dur9|j d|_ dSdS)NZParts)ZMultipartUploadr<r) rMrvrPZcompleterQabortrGrNrrOcloserXr)r)r*rs     zS3Boto3StorageFile.closer#)__name__ __module__ __qualname____doc__rVpropertyrYrdrfrzrlrsrwrurvrr __classcell__r)r)rpr*r:Qs         r:cs eZdZdZdZdZddgZddgZdd gZdZ fd d Z d d Z ddZ ddZ ddZeddZddZeddZddZddZddZd d!Zd"d#Zd?d%d&Zd'd(Zd)d*Zd+d,Zd-d.Zd/d0Zd@d1d2Zd3d4Zd5d6Z d7d8Z!d9d:Z"dAd;d<Z#d@fd=d> Z$Z%S)BS3Boto3Storagez Amazon Simple Storage Service using Boto3 This storage backend supports opening files in read or write mode and supports streaming(buffering) data in chunks to S3 when writing. zapplication/octet-streamNAWS_S3_ACCESS_KEY_IDAWS_ACCESS_KEY_IDAWS_S3_SECRET_ACCESS_KEYAWS_SECRET_ACCESS_KEYZAWS_SESSION_TOKENZAWS_SECURITY_TOKENc sxtjdi|t||jrd|_d|_t|_| \|_ |_ | |_ |js:td|ji|j|jd|_dSdS)Nzhttps:addressing_style)s3signature_versionproxiesr))rkrVr secure_urls url_protocol_bucket threadinglocal _connections_get_access_keys access_key secret_key_get_security_tokensecurity_tokenconfigrrrr)rTsettingsrpr)r*rVs   zS3Boto3Storage.__init__cCs t||Sr#r5)rTr0r(r)r)r*get_cloudfront_signerrgz$S3Boto3Storage.get_cloudfront_signerc Csrtd}td}t|t|Artd|r|||}nd}td}td}td}|s/|r5|r5tdidtdtd d tdtd d tdd tdddtdidtddtdddtdddtddtdddtdd |d!td"d#td$dd%td&d'd(td)d*d+td,d-td.d/td0td1td2td3dtd4dtd5d6td7dd8S)9NZAWS_CLOUDFRONT_KEY_IDZAWS_CLOUDFRONT_KEYzLBoth AWS_CLOUDFRONT_KEY_ID and AWS_CLOUDFRONT_KEY must be provided together.rrZAWS_S3_SESSION_PROFILEzdAWS_S3_SESSION_PROFILE should not be provided with AWS_S3_ACCESS_KEY_ID and AWS_S3_SECRET_ACCESS_KEYrrrrsession_profilefile_overwriteZAWS_S3_FILE_OVERWRITETobject_parametersZAWS_S3_OBJECT_PARAMETERS bucket_nameZAWS_STORAGE_BUCKET_NAMEquerystring_authZAWS_QUERYSTRING_AUTHquerystring_expireZAWS_QUERYSTRING_EXPIREirZAWS_S3_SIGNATURE_VERSIONrDZ AWS_LOCATION custom_domainZAWS_S3_CUSTOM_DOMAINcloudfront_signerrZAWS_S3_ADDRESSING_STYLErZAWS_S3_SECURE_URLSZfile_name_charsetZAWS_S3_FILE_NAME_CHARSETzutf-8r^ZAWS_IS_GZIPPEDFgzip_content_typesZGZIP_CONTENT_TYPES)ztext/cssztext/javascriptzapplication/javascriptzapplication/x-javascriptz image/svg+xmlZAWS_S3_URL_PROTOCOLzhttp:ZAWS_S3_ENDPOINT_URLZAWS_S3_PROXIESZAWS_S3_REGION_NAMEZAWS_S3_USE_SSLZ AWS_S3_VERIFYZAWS_S3_MAX_MEMORY_SIZErZAWS_DEFAULT_ACL)r endpoint_urlr region_nameuse_sslverifyra default_acl)rboolr r)rTZcloudfront_key_idZcloudfront_keyrZs3_access_key_idZs3_secret_access_keyZs3_session_profiler)r)r*get_default_settingssx              z#S3Boto3Storage.get_default_settingscCs&|j}|dd|dd|SNrr)__dict__copypoprTstater)r)r* __getstate__Ps   zS3Boto3Storage.__getstate__cCst|d<d|d<||_dSr)rrrrr)r)r* __setstate__Vs  zS3Boto3Storage.__setstate__cCsJt|jdd}|dur!|}|jd|j|j|j|j|jd|j_ |jj S)N connectionr)rrrrr) getattrr_create_sessionresourcerrrrrr)rTrsessionr)r)r*r[s zS3Boto3Storage.connectioncCs2|jr tj|jd}|Stj|j|j|jd}|S)z If a user specifies a profile name and this class obtains access keys from another source such as environment variables,we want the profile name to take precedence. )Z profile_name)Zaws_access_key_idZaws_secret_access_keyZaws_session_token)rboto3Sessionrrr)rTrr)r)r*rjszS3Boto3Storage._create_sessioncCs |jdur |j|j|_|jS)za Get the current bucket. If there is no current bucket object create it. N)rrBucketrrXr)r)r*rIzs zS3Boto3Storage.bucketcCs(|jpt|j}|jpt|j}||fS)z Gets the access keys to use when accessing S3. If none is provided in the settings then get them from the environment variables. )rraccess_key_namesrsecret_key_names)rTrrr)r)r*rszS3Boto3Storage._get_access_keyscCs|jpt|j}|S)zr Gets the security token to use when accessing S3. Get it from the environment variables. )rrsecurity_token_names)rTrr)r)r*rsz"S3Boto3Storage._get_security_tokencCs2t|dd}|dr|ds|d7}|S)zB Cleans the name so that Windows style paths work \r=) posixpathnormpathreplaceendswith)rTrFZ clean_namer)r)r* _clean_nameszS3Boto3Storage._clean_namecCs*zt|j|WStytd|w)z Normalizes the name so that paths like /path/to/ignored/../something.txt work. We check to make sure that the path pointed to is not outside the directory specified by the LOCATION setting. z Attempted access to '%s' denied.)rrDrAr rTrFr)r)r*_normalize_names   zS3Boto3Storage._normalize_namecCst|S)zGzip a given string content.)r)rTrxr)r)r*_compress_contentrZz S3Boto3Storage._compress_contentrbc Cs\|||}z t|||}W|Sty-}z|jdddkr(td|d}~ww)NrrrzFile does not exist: %s)rrr:rrFileNotFoundError)rTrFrUfrr)r)r*_opens zS3Boto3Storage._opencCs||}||}|||}t|dr|r |dtj|jr7|d|j vr7d|vr7| |}d|d<|j |}|j ||d|S)Nseekabler ContentTypeContentEncodingr^)Z ExtraArgs)rrrthasattrrrbr|SEEK_SETr^rrrIrJZupload_fileobj)rTrFrxZ cleaned_nameparamsrKr)r)r*_saves     zS3Boto3Storage._savecCs$|||}|j|dSr#)rrrIrJdeleterr)r)r*rszS3Boto3Storage.deletec Csh|||}z|jjjj|j|dWdSty3}z|jdddkr.WYd}~dSd}~ww)N)rKeyTrrrF) rrrmetaclientZ head_objectrrr)rTrFerrorr)r)r*existsszS3Boto3Storage.existsc Cs|||}|r|ds|d7}g}g}|jjjd}|j|jd|d}|D]0}| ddD] }| t |d|q2| ddD]}|d} | |krY| t | |qFq*||fS) Nr=Z list_objects)r DelimiterPrefixZCommonPrefixesr)rZContentsr) rrrrrrZ get_paginatorZpaginatergetrrrelpath) rTrFpath directoriesfilesZ paginatorZpagespageentryr(r)r)r*listdirs"zS3Boto3Storage.listdircCs|||}|j|jSr#)rrrIrJrWrr)r)r*rYszS3Boto3Storage.sizecCsli}t|\}}t|dd}|p|p|j}||d<|r ||d<|||d|vr4|jr4|j|d<|S)N content_typerrZACL) mimetypes guess_typerdefault_content_typeupdateget_object_parametersr)rTrFrxr_typeencodingrr)r)r*rts  z$S3Boto3Storage._get_write_parameterscCs |jS)aB Returns a dictionary that is passed to file upload. Override this method to adjust this on a per-object basis to set e.g ContentDisposition. By default, returns the value of AWS_S3_OBJECT_PARAMETERS. Setting ContentEncoding will prevent objects from being automatically gzipped. )rrrr)r)r*rs z$S3Boto3Storage.get_object_parameterscCs4|||}|j|}tdr|jSt|jS)z Returns an (aware) datetime object containing the last modified time if USE_TZ is True, otherwise returns a naive datetime in the local timezone. ZUSE_TZ)rrrIrJrZ last_modifiedr)rTrFrr)r)r*get_modified_times   z S3Boto3Storage.get_modified_timecCs||}t|r |St|S)zBReturns a naive datetime object containing the last modified time.)rrr)rTrFr`r)r)r* modified_times zS3Boto3Storage.modified_timecsXt|}t|jdd}hdfdd|D}dd|D}|jd|d}|S) NT)keep_blank_values> signaturez x-amz-dateZawsaccesskeyidzx-amz-algorithmzx-amz-security-tokenzx-amz-credentialexpireszx-amz-signaturezx-amz-signedheadersz x-amz-expiresc3s(|]\}}|vr||fVqdSr#)lower).0r(valZ blacklistr)r* 4s&z;S3Boto3Storage._strip_signing_parameters..css|]}d|VqdS)=N)join)rkeyvalr)r)r*r7s&)query)rrr _replacergeturl)rTurlZ split_urlqsZ filtered_qsZ joined_qsr)rr*_strip_signing_parameters&sz(S3Boto3Storage._strip_signing_parametersc Cs|||}|r|ni}|dur|j}|jrHd|j|jt||r,dt|nd}|j rF|j rFt t |d}|j j||dS|S|jj|d<||d<|jjjjd|||d }|j rc|S||S) Nz {}//{}/{}{}z?{}r)seconds)Zdate_less_thanrrZ get_object)ZParamsZ ExpiresInZ HttpMethod)rrrrrformatrrrrrrutcnowrZgenerate_presigned_urlrIrFrrr)rTrF parametersZexpireZ http_methodrrZ expirationr)r)r*r;s.   zS3Boto3Storage.urlcs(||}|jr t||St||S)z+Overwrite existing file with the same name.)rrrrkget_available_name)rTrF max_lengthrpr)r*rXs  z!S3Boto3Storage.get_available_name)rr#)NNN)&rrrrrrrrrrrVrrrrrrrrIrrrrrrrrrrrYrtrrrrrrrr)r)rpr*rsH 9           rc@seZdZdZdZdS)S3StaticStoragezLQuerystring auth must be disabled so that url() returns a consistent output.FN)rrrrrr)r)r)r*r`srcs eZdZdZfddZZS)S3ManifestStaticStoragezCopy the file before saving for compatibility with ManifestFilesMixin which does not play nicely with boto3 automatically closing the file. See: https://github.com/boto/s3transfer/issues/80#issuecomment-562356142 csR|dt}||t||WdS1s"wYdSry)rbtempfilerrwrlrkr)rTrFrxtmprpr)r*rls   $zS3ManifestStaticStorage._save)rrrrrrr)r)rpr*resr)8rr|rrrrrr^rr urllib.parserrrZ"django.contrib.staticfiles.storager Zdjango.core.exceptionsr r Zdjango.core.files.baser Zdjango.utils.deconstructr Zdjango.utils.encodingrZdjango.utils.timezonerrZ storages.baserZstorages.utilsrrrrrrrZ boto3.sessionrZbotocore.clientrZbotocore.exceptionsrZbotocore.signersr ImportErrorer6r9Z_signer_factoryr4r:rrrr)r)r)r*sZ       $     x