MCPcopy Index your code
hub / github.com/rilldata/rill / assetsHandler

Method assetsHandler

runtime/server/assets.go:16–64  ·  view source on GitHub ↗
(w http.ResponseWriter, req *http.Request)

Source from the content-addressed store, hash-verified

14)
15
16func (s *Server) assetsHandler(w http.ResponseWriter, req *http.Request) error {
17 ctx := req.Context()
18 instanceID := req.PathValue("instance_id")
19 path := req.PathValue("path")
20
21 observability.AddRequestAttributes(ctx,
22 attribute.String("args.instance_id", instanceID),
23 attribute.String("args.path", path),
24 )
25
26 if !auth.GetClaims(req.Context(), instanceID).Can(runtime.ReadObjects) {
27 return httputil.Errorf(http.StatusForbidden, "does not have access to assets")
28 }
29
30 inst, err := s.runtime.Instance(ctx, instanceID)
31 if err != nil {
32 return err
33 }
34
35 allowed := false
36 for _, p := range inst.PublicPaths {
37 // 'p' can be `/public`, `/public/`, `public/`, `public` (with os-based separators)
38 // match pattern `public/*` or `/public/*`
39 ok, err := filepath.Match(fmt.Sprintf("%s%c*", filepath.Clean(p), os.PathSeparator), path)
40 if err != nil {
41 return httputil.Error(http.StatusBadRequest, err)
42 }
43 if ok {
44 allowed = true
45 break
46 }
47 }
48 if !allowed {
49 return httputil.Error(http.StatusForbidden, fmt.Errorf("path is not allowed"))
50 }
51
52 repo, release, err := s.runtime.Repo(ctx, instanceID)
53 if err != nil {
54 return err
55 }
56 defer release()
57
58 str, err := repo.Get(ctx, path)
59 if err != nil {
60 return err
61 }
62 _, err = w.Write([]byte(str))
63 return err
64}

Callers

nothing calls this directly

Calls 12

AddRequestAttributesFunction · 0.92
GetClaimsFunction · 0.92
ErrorfFunction · 0.92
ErrorFunction · 0.92
CanMethod · 0.80
InstanceMethod · 0.80
RepoMethod · 0.80
ContextMethod · 0.65
StringMethod · 0.65
ErrorfMethod · 0.65
GetMethod · 0.65
WriteMethod · 0.45

Tested by

no test coverage detected