def test_get_media_url(self): # If provided prefix URL with CKEDITOR_UPLOAD_PREFIX. settings.CKEDITOR_UPLOAD_PREFIX = '/media/ckuploads/' prefix_url = '/media/ckuploads/arbitrary/path/and/filename.ext' self.failUnless(views.get_media_url(self.test_path) == prefix_url) # If CKEDITOR_UPLOAD_PREFIX is not provided, the media URL will fall back to MEDIA_URL with the difference of MEDIA_ROOT and the uploaded resource's full path and filename appended. settings.CKEDITOR_UPLOAD_PREFIX = None no_prefix_url = '/media/uploads/arbitrary/path/and/filename.ext' self.failUnless(views.get_media_url(self.test_path) == no_prefix_url) # Resulting URL should never include '//'. self.failIf('//' in views.get_media_url(self.test_path))
def test_get_media_url(self): # If provided prefix URL with CKEDITOR_UPLOAD_PREFIX. settings.CKEDITOR_UPLOAD_PREFIX = '/media/ckuploads/' prefix_url = '/media/ckuploads/arbitrary/path/and/filename.ext' self.failUnless(views.get_media_url(self.test_path) == prefix_url) # If CKEDITOR_UPLOAD_PREFIX is not provided, the media URL will fall back to MEDIA_URL with the difference of MEDIA_ROOT and the uploaded resource's full path and filename appended. settings.CKEDITOR_UPLOAD_PREFIX = None no_prefix_url = '/media/uploads/arbitrary/path/and/filename.ext' self.failUnless(views.get_media_url(self.test_path) == no_prefix_url) # Resulting URL should never include '//'. self.failIf('//' in views.get_media_url(self.test_path))
def test_get_media_url(self): # If provided prefix URL with CKEDITOR_UPLOAD_PREFIX. settings.CKEDITOR_UPLOAD_PREFIX = '/media/ckuploads/' prefix_url = '/media/ckuploads/arbitrary/path/and/filename.ext' self.failUnless(views.get_media_url(self.test_path) == prefix_url) # If CKEDITOR_UPLOAD_PREFIX is not provided, the media URL will fall # back to MEDIA_URL with the difference of MEDIA_ROOT and the # uploaded resource's full path and filename appended. settings.CKEDITOR_UPLOAD_PREFIX = None no_prefix_url = '/media/uploads/arbitrary/path/and/filename.ext' self.failUnless(views.get_media_url(self.test_path) == no_prefix_url) # Resulting URL should never include '//' outside of schema. settings.CKEDITOR_UPLOAD_PREFIX = \ 'https://test.com//media////ckuploads/' multi_slash_path = '//multi//////slash//path////' self.failUnlessEqual( \ 'https://test.com/media/ckuploads/multi/slash/path/', \ views.get_media_url(multi_slash_path))
def test_get_media_url(self): # If provided prefix URL with CKEDITOR_UPLOAD_PREFIX. settings.CKEDITOR_UPLOAD_PREFIX = '/media/ckuploads/' prefix_url = '/media/ckuploads/arbitrary/path/and/filename.ext' self.failUnless(views.get_media_url(self.test_path) == prefix_url) # If CKEDITOR_UPLOAD_PREFIX is not provided, the media URL will fall # back to MEDIA_URL with the difference of MEDIA_ROOT and the # uploaded resource's full path and filename appended. settings.CKEDITOR_UPLOAD_PREFIX = None no_prefix_url = '/media/uploads/arbitrary/path/and/filename.ext' self.failUnless(views.get_media_url(self.test_path) == no_prefix_url) # Resulting URL should never include '//' outside of schema. settings.CKEDITOR_UPLOAD_PREFIX = \ 'https://test.com//media////ckuploads/' multi_slash_path = '//multi//////slash//path////' self.failUnlessEqual(\ 'https://test.com/media/ckuploads/multi/slash/path/', \ views.get_media_url(multi_slash_path))
def upload_file(request, image_upload=False): # Get the uploaded file from request. upload = request.FILES['upload'] func_num = request.GET['CKEditorFuncNum'] upload_ext = os.path.splitext(upload.name)[1].lower() if image_upload: valid_extensions = settings.CKEDITOR_IMAGE_UPLOAD_EXTENSIONS else: valid_extensions = settings.CKEDITOR_FILE_UPLOAD_EXTENSIONS if upload_ext in valid_extensions: # Open output file in which to store upload. upload_filename = get_upload_filename(upload.name, request.user, image_upload) out = open(upload_filename, 'wb+') # Iterate through chunks and write to destination. for chunk in upload.chunks(): out.write(chunk) out.close() if image_upload: create_thumbnail(upload_filename) # Respond with Javascript sending ckeditor upload url. url = get_media_url(upload_filename) response = HttpResponse(""" <script type='text/javascript'> window.parent.CKEDITOR.tools.callFunction(%s, '%s'); </script>""" % (func_num, url)) else: # Respond with JavaScript sending error msg to ckeditor dialog. msg = _('Extension %(ext)s is not allowed. ') msg += _('Only %(allowed)s are allowed.') kwargs = {'ext': upload_ext, 'allowed': ", ".join(valid_extensions)} response = HttpResponse(""" <script type='text/javascript'> window.parent.CKEDITOR.tools.callFunction(%s, '', '%s'); </script>""" % (func_num, msg % kwargs)) response['X-Frame-Options'] = 'SAMEORIGIN' return response
def upload_file(request, image_upload=False): # Get the uploaded file from request. upload = request.FILES['upload'] func_num = request.GET['CKEditorFuncNum'] upload_ext = os.path.splitext(upload.name)[1].lower() if image_upload: valid_extensions = settings.CKEDITOR_IMAGE_UPLOAD_EXTENSIONS else: valid_extensions = settings.CKEDITOR_FILE_UPLOAD_EXTENSIONS if upload_ext in valid_extensions: # Open output file in which to store upload. upload_filename = get_upload_filename(upload.name, request.user, image_upload) out = open(upload_filename, 'wb+') # Iterate through chunks and write to destination. for chunk in upload.chunks(): out.write(chunk) out.close() if image_upload: create_thumbnail(upload_filename) # Respond with Javascript sending ckeditor upload url. url = get_media_url(upload_filename) response = HttpResponse(""" <script type='text/javascript'> window.parent.CKEDITOR.tools.callFunction(%s, '%s'); </script>""" % (func_num, url)) else: # Respond with JavaScript sending error msg to ckeditor dialog. msg = _('Extension %(ext)s is not allowed. ') msg += _('Only %(allowed)s are allowed.') kwargs = {'ext': upload_ext, 'allowed': ", ".join(valid_extensions)} response = HttpResponse(""" <script type='text/javascript'> window.parent.CKEDITOR.tools.callFunction(%s, '', '%s'); </script>""" % (func_num, msg % kwargs)) response['X-Frame-Options'] = 'SAMEORIGIN' return response
def upload_file(request): # Get the uploaded file from request. upload = request.FILES['upload'] # Open output file in which to store upload. upload_filename = get_upload_filename(upload.name, request.user) out = open(upload_filename, 'wb+') # Iterate through chunks and write to destination. for chunk in upload.chunks(): out.write(chunk) out.close() # Respond with Javascript sending ckeditor upload url. url = get_media_url(upload_filename) response = HttpResponse(""" <script type='text/javascript'> window.parent.CKEDITOR.tools.callFunction(%s, '%s'); </script>""" % (request.GET['CKEditorFuncNum'], url)) response['X-Frame-Options'] = 'SAMEORIGIN' return response
def get_file_browse_urls(user=None): """ Recursively walks all dirs under file upload dir and generates a list of relative paths and full file URL's for each file found. """ files = [] # If a user is provided and CKEDITOR_RESTRICT_BY_USER is True, # limit images to user specific path, but not for superusers. restrict_by_user = getattr(settings, 'CKEDITOR_RESTRICT_BY_USER', False) if user and not user.is_superuser and restrict_by_user: user_path = user.username else: user_path = '' browse_path = os.path.join(settings.CKEDITOR_FILE_UPLOAD_PATH, user_path) for root, dirs, filenames in os.walk(browse_path): for filename in [os.path.join(root, x) for x in filenames]: files.append((get_media_url(filename), filename[len(browse_path) + 1:])) return files
def get_file_browse_urls(user=None): """ Recursively walks all dirs under file upload dir and generates a list of relative paths and full file URL's for each file found. """ files = [] # If a user is provided and CKEDITOR_RESTRICT_BY_USER is True, # limit images to user specific path, but not for superusers. restrict_by_user = getattr(settings, 'CKEDITOR_RESTRICT_BY_USER', False) if user and not user.is_superuser and restrict_by_user: user_path = user.username else: user_path = '' browse_path = os.path.join(settings.CKEDITOR_FILE_UPLOAD_PATH, user_path) for root, dirs, filenames in os.walk(browse_path): for filename in [os.path.join(root, x) for x in filenames]: files.append( (get_media_url(filename), filename[len(browse_path):])) return files