feat: FileBone(public=True) for public files

src/viur/core/bones/file.py

@@ -314,5 +314,5 @@ def recreateFileEntryIfNeeded(val):
     def structure(self) -> dict:
         return super().structure() | {
             "valid_mime_types": self.validMimeTypes,
-            "public": self.public
+            "public": self.public,
         }

src/viur/core/modules/file.py

@@ -429,6 +429,7 @@ class FileNodeSkel(TreeSkel):
 class File(Tree):
     PENDING_POSTFIX = " (pending)"
     DOWNLOAD_URL_PREFIX = "/file/download/"
+    SERVE_URL_PREFIX = "/file/serve"
     MAX_FILENAME_LEN = 256
 
     leafSkelCls = FileLeafSkel
@@ -492,6 +493,53 @@ def hmac_sign(data: t.Any) -> str:
     def hmac_verify(data: t.Any, signature: str) -> bool:
         return hmac.compare_digest(File.hmac_sign(data.encode("ASCII")), signature)
 
+    @staticmethod
+    def create_serve_parameters(serving_url: str) -> t.Iterable[str] | None:
+        """
+        Splits a serving URL into its components, used by serve function.
+        :param serving_url: the serving URL to be split
+        :return: return a tuple of host and key
+        """
+        regex_result = re.match(
+            r"^https:\/\/(.*?)\.googleusercontent\.com\/(.*?)$",
+            serving_url
+        )
+
+        if regex_result:
+            return regex_result.groups()
+        return regex_result
+
+    @staticmethod
+    def create_serve_url(
+        serving_url: str,
+        size: t.Optional[int] = None,
+        filename: t.Optional[str] = None,
+        options: str = "",
+        download: bool = False
+    ) -> str:
+
+        serve_url = f"{File.SERVE_URL_PREFIX}"
+
+        serving_params = File.create_serve_parameters(serving_url)
+        if not serving_params:
+            raise errors.UnprocessableEntity(f"Invalid serving_url {serving_url!r} provided")
+
+        serve_url += f"/{'/'.join(serving_params)}"
+
+        path_parameters = [f"{x}" for x in [size, filename] if x is not None]
+        if path_parameters:
+            serve_url += f"/{'/'.join(path_parameters)}"
+
+        query_parameters = [
+            f"{k}={str(v).lower()}"
+            for k, v in {"options": options, "download": download}.items()
+            if bool(v) is not False]
+
+        if query_parameters:
+            serve_url += f"?{'&'.join(query_parameters)}"
+
+        return serve_url
+
     @staticmethod
     def create_download_url(
         dlkey: str,
@@ -944,68 +992,60 @@ def download(self, blobKey: str, fileName: str = "", download: bool = False, sig
 
         raise errors.Redirect(signedUrl)
 
+    SERVE_VALID_OPTIONS = {
+        "c",
+        "p",
+        "fv",
+        "fh",
+        "r90",
+        "r180",
+        "r270",
+        "nu",
+    }
+    """
+    Valid modification option shorts for the serve-function.
+    This is passed-through to the Google UserContent API, and hast to be supported there.
+    """
+
+    SERVE_VALID_FORMATS = {
+        "jpg": "rj",
+        "jpeg": "rj",
+        "png": "rp",
+        "webp": "rw",
+    }
+    """
+    Valid file-formats to the serve-function.
+    This is passed-through to the Google UserContent API, and hast to be supported there.
+    """
+
     @exposed
     def serve(
         self,
+        host: str,
         key: str,
         size: t.Optional[int] = None,
-        filename: t.Optional[str] = None,  # random string with .ext
+        filename: t.Optional[str] = None,
         options: str = "",
         download: bool = False,
     ):
         """
         Requests an image using the serving url to bypass direct Google requests.
 
-        :param key: a string with one __ seperator. The first part is the host prefix, the second part is the key
-        :param size: the target image size, take a look at the VALID_SIZES
-        :param filename: a random string with an extention, valid extentions are jpg,png,webp
-        :param options: - seperated options:
+        :param host: the google host prefix i.e. lh3
+        :param key: the serving url key
+        :param size: the target image size
+        :param filename: a random string with an extention, valid extentions are (defined in File.SERVE_VALID_FORMATS).
+        :param options: - seperated options (defined in File.SERVE_VALID_OPTIONS).
             c - crop
             p - face crop
             fv - vertrical flip
             fh - horizontal flip
             rXXX - rotate 90, 180, 270
             nu - no upscale
-        :param download: if value = 1 force download, else not
-        :return:
-        """
-
-        VALID_OPTIONS = {
-            "c",
-            "p",
-            "fv",
-            "fh",
-            "r90",
-            "r180",
-            "r270",
-            "nu"
-        }
-
-        VALID_SIZES = {
-            32, 48, 64, 72, 80, 90, 94,
-            104, 110, 120, 128, 144, 150, 160,
-            200, 220, 288,
-            320,
-            400,
-            512, 576,
-            640,
-            720,
-            800,
-            912,
-            1024, 1152, 1280, 1440, 1600
-        }
+        :param download: Serves the content as download (Content-Disposition) or not.
 
-        VALID_FMTS = {
-            "jpg": "rj",
-            "jpeg": "rj",
-            "png": "rp",
-            "webp": "rw",
-        }
-
-        try:
-            host, value = key.split("__", 1)
-        except ValueError:
-            raise errors.BadRequest("Invalid key provided for serving url")
+        :return: Returns the requested content on success, raises a proper HTTP exception otherwise.
+        """
 
         if any(c not in conf.search_valid_chars for c in host):
             raise errors.BadRequest("key contains invalid characters")
@@ -1015,34 +1055,37 @@ def serve(
 
         if filename:
             fmt = filename.rsplit(".", 1)[-1].lower()
-            if fmt in VALID_FMTS:
+            if fmt in self.SERVE_VALID_FORMATS:
                 file_fmt = fmt
+            else:
+                raise errors.UnprocessableEntity(f"Unsupported filetype {fmt}")
 
-        url = f"https://{host}.googleusercontent.com/{value}"
+        url = f"https://{host}.googleusercontent.com/{key}"
 
-        if options and not all(param in VALID_OPTIONS for param in options.split("-")):
+        if options and not all(param in self.SERVE_VALID_OPTIONS for param in options.split("-")):
             raise errors.BadRequest("Invalid options provided")
 
-        options += f"-{VALID_FMTS[file_fmt]}"
+        options += f"-{self.SERVE_VALID_FORMATS[file_fmt]}"
 
-        if size and size in VALID_SIZES:
+        if size:
             options = f"s{size}-" + options
 
         url += "=" + options
 
-        try:
-            response = current.request.get().response
-            response.headers["Content-Type"] = f"image/{file_fmt}"
-            response.headers["Cache-Control"] = "public, max-age=604800"  # 7 Days
-            if download:
-                response.headers["Content-Disposition"] = f"attachment; filename={filename}"
-            else:
-                response.headers["Content-Disposition"] = f"filename={filename}"
+        response = current.request.get().response
+        response.headers["Content-Type"] = f"image/{file_fmt}"
+        response.headers["Cache-Control"] = "public, max-age=604800"  # 7 Days
+        if download:
+            response.headers["Content-Disposition"] = f"attachment; filename={filename}"
+        else:
+            response.headers["Content-Disposition"] = f"filename={filename}"
 
-            return requests.get(url).content
+        answ = requests.get(url, timeout=20)
+        if not answ.ok:
+            logging.error(f"{answ.status_code} {answ.text}")
+            raise errors.BadRequest("Unable to fetch a file with these parameters")
 
-        except Exception as e:
-            raise errors.BadRequest("Invalid Url")
+        return answ.content
 
     @exposed
     @force_ssl