Example #1
0
def create():
    if request.method == 'POST':
        title = request.form['title']
        body = request.form['body']
        image_file = request.files['file']
        error = None

        if not title:
            error = 'Title is required.'

        if error is not None:
            flash(error)
        if not image_file:
            flash("Please Attach a file")
        else:

            folder = f"user_{g.user.id}"  # static/images
            try:
                image_path = image_helper.save_image(image_file, folder=folder)
                basename = image_helper.get_path(image_path)
                userModel = UserModel.find_user_by_id(g.user.id)
                post = PostModel(title=title,
                                 posts=body,
                                 image_url=image_path,
                                 user_id=userModel.id)
                post.save_to_db()

            except UploadNotAllowed:
                extension = image_helper.get_extension(image_file)
                flash("file with extension {} not allowed".format(extension))

            return redirect(url_for('blog.index'))

    return render_template('blog/create.html')
Example #2
0
 def get(cls, filename: str):
     user_id = get_jwt_identity()
     folder = "user_{}".format(user_id)
     if not image_helper.is_filename_safe(filename):
         return {"message": IMAGE_ILLEGAL_FILENAME}, 400
     try:
         return send_file(image_helper.get_path(filename, folder=folder))
     except FileNotFoundError:
         return {"message": IMAGE_NOT_FOUND}, 404
 def get(cls, filename: str):
     user_id = get_jwt_identity()
     folder = f"user_{user_id}"
     if not image_helper.is_filename_safe(filename):
         return {"message": gettext("image_illegal_file_name").format(filename)}, 400
     try:
         return send_file(image_helper.get_path(filename, folder=folder))
     except FileNotFoundError:
         return {"message": gettext("image_not_found").format(filename)}, 404
Example #4
0
 def get(cls, filename: str):
     """Returns the requseted image if it exists. Looks up inside the logged user's folder"""
     user_id = get_jwt_identity()
     folder = f'user_{user_id}'
     if not image_helper.is_filename_safe(filename):
         return {'message': gettext("image_illegal_file_name").format(filename)}, 400
     
     try:
         return send_file(image_helper.get_path(filename, folder=folder))
     except FileNotFoundError:
         return {'message': gettext("image_not_found").format(filename)}, 404
Example #5
0
 def get(self, filename: str):
     """
     Returns the requested image if it exists, looks up in the loggedin users folder
     """
     user_id = get_jwt_identity()
     folder = f"user_{user_id}"
     if not image_helper.is_filename_safe(filename):
         return {"message": IMAGE_ILLEGAL_FILE_NAME.format(filename)}, 400
     try:
         return send_file(image_helper.get_path(filename, folder=folder))
     except FileNotFoundError:
         return {"message": IMAGE_NOT_FOUND.format(filename)}, 404
    def get(cls, filename: str):
        """Returns the requested image if it exists."""
        folder = f"user_{get_jwt_identity()}"
        if not image_helper.is_filename_safe(filename):
            return {
                "message": gettext("image_illegal_file_name").format(filename)
            }, 400

        try:
            return send_file(image_helper.get_path(filename, folder))
        except FileNotFoundError:
            return {"message": gettext("image_not_found")}, 404
Example #7
0
 def delete(cls, filename: str):
     user_id = get_jwt_identity()
     folder = f'user_{user_id}'
     if not image_helper.is_filename_safe(filename):
         return {'message': gettext("image_illegal_file_name").format(filename)}, 400
     
     try:
         os.remove(image_helper.get_path(filename, folder=folder))
         return {'message': gettext('image_deleted').format(filename)}, 200
     except FileNotFoundError:
         return {'message': gettext("image_not_found").format(filename)}, 404
     except:
         return {'message': gettext("image_delete_failed")}, 500
Example #8
0
 def get(cls, filename: str):
     """
     Return requested image for user if exists
     """
     user_id = get_jwt_identity()
     folder = f"user_{user_id}"
     if not image_helper.is_filename_safe():
         return {"message": f"Image illegal filename"}, 400
     try:
         return send_file(image_helper.get_path(filename,
                                                folder=folder)), 200
     except FileNotFoundError:
         return {'message': 'Image not found'}, 404
 def delete(cls, filename):
     user_id = get_jwt_identity()
     folder = f"user_{user_id}"
     if not image_helper.is_filename_safe(filename):
         return {"message": gettext("image_illegal_file_name").format(filename)}, 400
     try:
         os.remove(image_helper.get_path(filename, folder=folder))
         return {"message": gettext("image_deleted").format(filename)}, 200
     except FileNotFoundError:
         return {"message": gettext("image_not_found").format(filename)}, 400
     except:
         traceback.print_exc()
         return {"message": gettext("image_delete_failed").format(filename)}, 500
Example #10
0
 def delete(cls, filename: str):
     user_id = get_jwt_identity()
     folder = "user_{}".format(user_id)
     if not image_helper.is_filename_safe(filename):
         return {"message": IMAGE_ILLEGAL_FILENAME}
     try:
         os.remove(image_helper.get_path(filename, folder=folder))
         return {"message": IMAGE_DELETED}, 200
     except FileNotFoundError:
         return {"message": IMAGE_NOT_FOUND}, 404
     except:
         traceback.print_exc()
         return {"message": IMAGE_DELETED_FAILED}, 500
Example #11
0
    def get(self, filename: str):
        user_id = get_jwt_identity()
        folder = f"user_{user_id}"

        if not image_helper.is_filename_safe(filename):
            return {
                "message": gettext("image_FILENAME_NOT_SAFE").format(filename)
            }, 400

        try:
            return send_file(image_helper.get_path(filename, folder=folder))
        except FileNotFoundError:
            return {"message": gettext("image_FILE_NOT_FOUND")}, 404
Example #12
0
    def delete(self, filename: str):
        user_id = get_jwt_identity()
        folder = f"user_{user_id}"

        if not image_helper.is_filename_safe(filename):
            return {"message": IMAGE_ILLEGAL_FILE_NAME.format(filename)}, 400

        try:
            os.remove(image_helper.get_path(filename, folder=folder))
            return {"message": IMAGE_DELETED.format(filename)}, 200
        except FileNotFoundError:
            return {"message": IMAGE_NOT_FOUND.format(filename)}, 404
        except:
            return {"message": IMAGE_DELETE_FAILED.format(filename)}, 500
Example #13
0
    def get(cls, filename: str):
        """
        Returns the requested image if it exists.
        Looks up inside the logged in user's folder.
        """
        user_id = get_jwt_identity()
        folder = f"user_{user_id}"

        if not image_helper.if_filename_safe(filename):
            return {"message": f"Illegal filename '{filename}'"}, 400
        try:
            return send_file(image_helper.get_path(filename, folder=folder))
        except FileNotFoundError:
            return {"message": "Image Not Found"}, 404
Example #14
0
    def delete(cls, filename: str):
        user_id = get_jwt_identity()
        folder = f"user_{user_id}"

        if not image_helper.if_filename_safe(filename):
            return {"message": "Illegal filename '{filename}'"}, 400
        try:
            os.remove(image_helper.get_path(filename, folder=folder))
            return {"message": f"Image {filename} deleted"}, 200
        except FileNotFoundError:
            return {"message": "Image Not Found"}, 404
        except Exception as e:
            print(e)
            return {"message": "Image delete failed."}, 500
 def get(self, filename: str):
     """
     reeturns the requested image if it exists. look only for user pictures
     """
     user_id = get_jwt_identity()
     folder = f"user_{user_id}"
     if not image_helper.is_filename_safe(filename):
         return {
             "message": gettext("image_illegal_file_name").format(filename)
         }, 400
     try:
         return send_file(image_helper.get_path(filename, folder=folder))
     except:
         return {"message": gettext("image_not_found")}
Example #16
0
 def get(cls, filename: str):
     """
     This endpoint returns the requested image if exists. It will use JWT to
     retrieve user information and look for the image inside the user's folder.
     """
     user_id = get_jwt_identity()
     folder = f"user_{user_id}"
     # check if filename is URL secure
     if not image_helper.is_filename_safe(filename):
         return {"message": gettext("image_illegal_file_name").format(filename)}, 400
     try:
         # try to send the requested file to the user with status code 200
         return send_file(image_helper.get_path(filename, folder=folder))
     except FileNotFoundError:
         return {"message": gettext("image_not_found").format(filename)}, 404
Example #17
0
    def get(cls, filename: str):
        """
            Returns the requested image if exists. Looks up into logged in user folder.
        """

        user_id = get_jwt_identity()
        folder = f"user_{user_id}"
        if not image_helper.is_filename_safe(filename):
            return {
                'message': getext('image_illegal_filename').format(filename)
            }, 400

        try:
            return send_file(image_helper.get_path(filename, folder))
        except FileNotFoundError:
            return {'message': getext('image_not_found').format(filename)}, 404
Example #18
0
 def delete(cls, filename: str):
     """
     Allow an user to delete an image 
     """
     user_id = get_jwt_identity()
     folder = f"user_{user_id}"
     if not image_helper.is_filename_safe():
         return {"message": f"Image illegal filename"}, 400
     try:
         os.remove(image_helper.get_path(filename, folder=folder))
         return {"message": "Image Deleted"}, 200
     except FileNotFoundError:
         return {"message": "Image not found"}, 404
     except:
         traceback.print_exc()
         return {"message": " Failed to delete image"}, 500
Example #19
0
    def delete(cls, filename: str):
        """Delete the image based on the file name."""
        folder = f"user_{get_jwt_identity()}"
        if not image_helper.is_filename_safe(filename):
            return {
                "message": gettext("image_illegal_file_name").format(filename)
            }, 400

        try:
            os.remove(image_helper.get_path(filename, folder))
            return {
                "message": gettext("generic_deleted").format(filename)
            }, 200
        except FileNotFoundError:
            return {"message": gettext("image_not_found")}, 404
        except:
            traceback.print_exc()
            return {"message": gettext("image_delete_failed")}, 500
Example #20
0
    def post(cls):
        """
        Used to upload an image to server
        It users JWT to retrieve our information and then
        saves the image to our image folder
        If there's a file name conflict, it'll append the number
        at the end

        """
        data = image_schema.load(request.files)  # {"image":FileStorage}
        user_id = get_jwt_identity()
        folder = f"user_{user_id}"  # static/images
        try:
            image_path = image_helper.save_image(data['image'], folder=folder)
            basename = image_helper.get_path(image_path)
            return {"message": IMAGE_UPLOAD.format(basename)}, 201

        except UploadNotAllowed:
            extension = image_helper.get_extension(data["image"])
            return {"message": IMAGE_ILLEGAL_EXTENSION.format(extension)}, 400
Example #21
0
    def delete(cls, filename: str):
        """
        This endpoint is used to delete the requested image under the user's folder.
        It uses the JWT to retrieve user information.
        """
        user_id = get_jwt_identity()
        folder = f"user_{user_id}"

        # check if filename is URL secure
        if not image_helper.is_filename_safe(filename):
            return {"message": gettext("image_illegal_file_name").format(filename)}, 400

        try:
            os.remove(image_helper.get_path(filename, folder=folder))
            return {"message": gettext("image_deleted").format(filename)}, 200
        except FileNotFoundError:
            return {"message": gettext("image_not_found").format(filename)}, 404
        except:
            traceback.print_exc()
            return {"message": gettext("image_delete_failed")}, 500
Example #22
0
def update(id):
    user = UserModel.find_user_by_id(id)
    if not user:
        flash("User doesn't exist")
    if request.method == 'POST':
        full_names = request.form['full_names']
        image_file = request.files['file']

        error = None

        if not full_names:
            error = "Full Names Required"

        if error is not None:
            flash(error)
        if not image_file:
            flash("Please Attach a file")
        else:

            filename = f"user_{g.user.id}"
            folder = "avatars"
            try:
                ext = image_helper.get_extension(image_file.filename)
                avatar = filename + ext
                image_path = image_helper.save_image(image_file,
                                                     folder=folder,
                                                     name=avatar)
                basename = image_helper.get_path(image_path)
                user.full_names = full_names
                user.profile_pic = image_path
                user.save_to_db()

                #post = PostModel(title=title, posts=body, image_url=image_path, user_id=userModel.id)
                #post.save_to_db()

            except UploadNotAllowed:
                extension = image_helper.get_extension(image_file)
                flash("file with extension {} not allowed".format(extension))

            return redirect(url_for('profile.get', id=user.id))
    return render_template('/profile/edit_profile.html', user=user)