def refresh_thumbnail():
def refresh_thumbnail_helper(dir_model):
dir_children = [d for d in Directory.query.filter(Directory.parent == dir_model.id).all()]
file_children = [f for f in File.query.filter(File.parent == dir_model.id).all()]
for file in file_children:
if file.thumbnail_uuid != DEFAULT_THUMBNAIL_NAME:
return file.thumbnail_uuid
for d in dir_children:
if d.thumbnail_uuid != DEFAULT_THUMBNAIL_NAME:
return d.thumbnail_uuid
# WE HAVE TO GO DEEPER (inception noise)
for d in dir_children:
return refresh_thumbnail_helper(d)
# No thumbnail found
return DEFAULT_THUMBNAIL_NAME
missing_thumbnails = File.query.filter(File.thumbnail_uuid == DEFAULT_THUMBNAIL_NAME).all()
for file_model in missing_thumbnails:
dir_path = get_full_dir_path(file_model.parent)
file_path = os.path.join(dir_path, file_model.name)
mime = file_model.mimetype
file_model.thumbnail_uuid = generate_image_thumbnail(file_path, dir_path, mime)
db.session.flush()
db.session.commit()
db.session.refresh(file_model)
missing_thumbnails = Directory.query.filter(Directory.thumbnail_uuid == DEFAULT_THUMBNAIL_NAME).all()
for dir_model in missing_thumbnails:
dir_model.thumbnail_uuid = refresh_thumbnail_helper(dir_model)
db.session.flush()
db.session.commit()
db.session.refresh(dir_model)
def delete_dir(dir_id, auth_dict=None):
dir_id = int(dir_id)
dir_model = Directory.query.filter(Directory.id == dir_id).first()
if dir_model is None:
return "dir not found", 404
if dir_model.id <= ROOT_DIR_ID:
return "Permission denied", 403
if not (auth_dict['is_eboard']
or auth_dict['is_rtp']
or auth_dict['uuid'] == dir_model.author):
return "Permission denied", 403
dirs = [d for d in Directory.query.filter(Directory.parent == dir_id).all()]
files = [f for f in File.query.filter(File.parent == dir_id).all()]
for child_dir in dirs:
delete_dir(child_dir.id)
for child_file in files:
delete_file(child_file.id)
if len(dir_model.thumbnail_uuid.split('.')) > 1:
dir_path = get_full_dir_path(dir_model.id)
os.rmdir(dir_path)
db.session.delete(dir_model)
db.session.flush()
db.session.commit()
return "ok", 200
def api_mkdir(internal=False,
parent_id=None,
dir_name=None,
owner=None,
auth_dict=None):
owner = auth_dict['uuid']
# hardcoding is bad
parent_id = request.form.get('parent_id')
path = get_full_dir_path(parent_id)
# at this point path is something like
# gallery-data/root
file_path = os.path.join(path, request.form.get('dir_name'))
_, count = re.subn(r'[^a-zA-Z0-9 \/\-\_]', '', file_path)
if not file_path.startswith("/gallery-data/root") or count != 0:
return "invalid path" + file_path, 400
# mkdir -p that shit
if not os.path.exists(file_path):
os.makedirs(file_path)
# strip out new dir names now filtered by regex!
if file_path.startswith(path):
file_path = file_path[(len(path)):]
upload_status = {}
upload_status['error'] = []
upload_status['success'] = []
# Sometimes we want to put things in their place
if file_path != "" and file_path != "/":
path = file_path.split('/')
path.pop(0) # remove blank
# now put these dirs in the db
for directory in path:
# ignore dir//dir patterns
if directory == "":
continue
parent_id = add_directory(parent_id, directory, "", owner)
if parent_id is None:
upload_status['error'].append(directory)
else:
upload_status['success'].append({
"name": directory,
"id": parent_id
})
# Create return object
upload_status['redirect'] = "/view/dir/" + str(parent_id)
return jsonify(upload_status)
def display_file(file_id):
file_id = int(file_id)
path_stack = []
file_model = File.query.filter(File.id == file_id).first()
if file_model is None:
return "file not found", 404
dir_model = Directory.query.filter(Directory.id == file_model.parent).first()
path = get_full_dir_path(dir_model.id)
return send_from_directory(path, file_model.name,
mimetype=file_model.mimetype)
def refresh_default_thumbnails():
missing_thumbnails = File.query.filter(File.thumbnail_uuid == DEFAULT_THUMBNAIL_NAME).all()
for file_model in missing_thumbnails:
dir_path = get_full_dir_path(file_model.parent)
file_path = os.path.join(dir_path, file_model.name)
mime = file_model.mimetype
file_model.thumbnail_uuid = generate_image_thumbnail(file_path, dir_path, mime)
db.session.flush()
db.session.commit()
db.session.refresh(file_model)
missing_thumbnails = Directory.query.filter(Directory.thumbnail_uuid == DEFAULT_THUMBNAIL_NAME).all()
for dir_model in missing_thumbnails:
dir_model.thumbnail_uuid = refresh_directory_thumbnail(dir_model)
db.session.flush()
db.session.commit()
db.session.refresh(dir_model)
def delete_file(file_id, auth_dict=None):
file_id = int(file_id)
file_model = File.query.filter(File.id == file_id).first()
if file_model is None:
return "file not found", 404
if not (auth_dict['is_eboard'] or auth_dict['is_rtp']
or auth_dict['uuid'] == file_model.author):
return "Permission denied", 403
file_path = os.path.join(get_full_dir_path(file_model.parent),
file_model.name)
db.session.delete(file_model)
os.remove(file_path)
db.session.flush()
db.session.commit()
return "ok", 200
def upload_file(auth_dict=None):
# Dropzone multi file is broke with .getlist()
uploaded_files = [t[1] for t in request.files.items()]
files = []
owner = auth_dict['uuid']
# hardcoding is bad
parent = request.form.get('parent_id')
# Create return object
upload_status = {}
upload_status['error'] = []
upload_status['success'] = []
upload_status['redirect'] = "/view/dir/" + str(parent)
dir_path = get_full_dir_path(parent)
for upload in uploaded_files:
filename = secure_filename(upload.filename)
file_model = File.query.filter(File.parent == parent) \
.filter(File.name == filename).first()
if file_model is None:
filepath = os.path.join(dir_path, filename)
upload.save(filepath)
file_model = add_file(filename, dir_path, parent, "", owner)
if file_model is None:
upload_status['error'].append(filename)
continue
upload_status['success'].append(
{
"name": file_model.name,
"id": file_model.id
})
else:
upload_status['error'].append(filename)
refresh_thumbnail()
# actually redirect to URL
# change from FORM post to AJAX maybe?
return jsonify(upload_status)