author | Tim Almdal <tnalmdal@shaw.ca> | 2009-07-23 07:02:10 -0700 |
---|---|---|
committer | Tim Almdal <tnalmdal@shaw.ca> | 2009-07-23 07:02:10 -0700 |
commit | 7c2cea01a50227088d9da567b08b9fde54b4b95f (patch) | |
tree | 60f1c35e78fef513907c30679045d5f08cece2a1 /modules/digibug/controllers | |
parent | 85ed445e2333a884e140afebaeba35d08079cda6 (diff) |
Fix for ticket #502
This patch allows users with only view permission to request fullsize
prints using Digibug. There is now a Digibug config file that contains
the IP ranges of the Digibug servers. Any request for the full size
image via the print proxy must come from within the ranges in the config
file.
The reason for the "if (!Test_Mode) {..." is that the print proxy makes a
call to Kohana::close_buffers, which closes all the output buffers and then
we see the image download on the console which messes up the test output.
Diffstat (limited to 'modules/digibug/controllers')
-rw-r--r-- | modules/digibug/controllers/digibug.php | 50 |
1 files changed, 38 insertions, 12 deletions
diff --git a/modules/digibug/controllers/digibug.php b/modules/digibug/controllers/digibug.php index d881db9b..e0f4b6bf 100644 --- a/modules/digibug/controllers/digibug.php +++ b/modules/digibug/controllers/digibug.php @@ -21,7 +21,7 @@ class Digibug_Controller extends Controller { public function print_photo($id) { access::verify_csrf(); $item = ORM::factory("item", $id); - access::required("view_full", $item); + access::required("view", $item); if (access::group_can(group::everybody(), "view_full", $item)) { $full_url = $item->file_url(true); @@ -56,6 +56,30 @@ class Digibug_Controller extends Controller { } public function print_proxy($type, $id) { + // If its a request for the full size then make sure we are coming from an + // authorized address + if ($type == "full") { + $remote_addr = ip2long($this->input->server("REMOTE_ADDR")); + if ($remote_addr === false) { + Kohana::show_404(); + } + $config = Kohana::config("digibug"); + + $authorized = false; + foreach ($config["ranges"] as $ip_range) { + $low = ip2long($ip_range["low"]); + $high = ip2long($ip_range["high"]); + $authorized = $low !== false && $high !== false && + $low <= $remote_addr && $remote_addr <= $high; + if ($authorized) { + break; + } + } + if (!$authorized) { + Kohana::show_404(); + } + } + $proxy = ORM::factory("digibug_proxy", array("uuid" => $id)); if (!$proxy->loaded || !$proxy->item->loaded) { Kohana::show_404(); 
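Review bot: The relaxed check `access::required("view", $item)` in print_photo needs a comment recording what now protects the full-size file. With only view permission required to start a print request, view-only users are kept from the full-size image solely by the address allowlist in print_proxy and by the proxy uuid staying unguessable. A later reader could take the weaker permission for a mistake, or loosen the proxy check without seeing the dependency. I would add above the call: `// "view" is sufficient here; full-size downloads for view-only users are restricted to the Digibug IP ranges in print_proxy()`. The rest of print_photo lies outside the hunk.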
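Review bot: The address check in print_proxy runs only when `$type == "full"`, while the code that decides which file is sent lies outside this hunk, so any other value of `$type` skips the allowlist and the two tests have to stay in agreement. A strict comparison, `if ($type === "full") {`, and a comment tying this block to the later file selection would make that dependency explicit. Two properties of the check are also worth documenting in place: `ip2long()` accepts IPv4 only, so IPv6 clients are always rejected, and `REMOTE_ADDR` is the address of the last hop, so behind a reverse proxy the comparison sees the proxy rather than the Digibug server. The block also relies on `Kohana::show_404()` not returning; if that is not guaranteed, each call needs a `return;` after it.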
@@ -69,16 +93,18 @@ class Digibug_Controller extends Controller { // We don't need to save the session for this request Session::abort_save(); - // Dump out the image - header("Content-Type: $proxy->item->mime_type"); - Kohana::close_buffers(false); - $fd = fopen($file, "rb"); - fpassthru($fd); - fclose($fd); + if (!TEST_MODE) { + // Dump out the image + header("Content-Type: $proxy->item->mime_type"); + Kohana::close_buffers(false); + $fd = fopen($file, "rb"); + fpassthru($fd); + fclose($fd); - // If the request was for the image and not the thumb, then delete the proxy. - if ($type == "full") { - $proxy->delete(); + // If the request was for the image and not the thumb, then delete the proxy. + if ($type == "full") { + $proxy->delete(); + } } $this->_clean_expired(); @@ -89,8 +115,8 @@ class Digibug_Controller extends Controller { } private function _clean_expired() { - Database::instance()>query( - "DELETE FROM {digibug_proxy} " . + Database::instance()->query( + "DELETE FROM {digibug_proxies} " . "WHERE request_date <= (CURDATE() - INTERVAL 10 DAY) " . "LIMIT 20"); } |
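Review bot: The re-indented `header("Content-Type: $proxy->item->mime_type");` still uses simple string interpolation, which expands only `$proxy->item` and emits `->mime_type` as literal text, so the response does not carry the item's MIME type. Use the braced form, `header("Content-Type: {$proxy->item->mime_type}");`. The result of `fopen($file, "rb")` is also passed to `fpassthru()` unchecked, so an unreadable file produces warnings after the header has already been sent. Because `$proxy->delete()` now sits inside `if (!TEST_MODE)`, the one-time-use deletion of a full-size proxy is not exercised under test. print_proxy begins before this hunk.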