def flash_upload_file(self) :
context = aq_inner(self.context)
request = self.request
self._auth_with_ticket()
file_name = request.form.get("Filename", "")
file_data = request.form.get("Filedata", None)
content_type = mimetypes.guess_type(file_name)[0]
portal_type = request.form.get('typeupload', '')
title = request.form.get("title", None)
description = request.form.get("description", None)
if not portal_type :
ctr = getToolByName(context, 'content_type_registry')
portal_type = ctr.findTypeName(file_name.lower(), content_type, '') or 'File'
if file_data:
factory = IQuickUploadFileFactory(context)
logger.debug("Uploading file with flash: filename=%s, title=%s, "
"description=%s, content_type=%s, portal_type=%s" % (
file_name, title, description, content_type, portal_type)
)
try :
f = factory(file_name, title, description, content_type, file_data, portal_type)
except :
# XXX todo : improve errors handlers for flashupload
raise
if f['success'] is not None :
o = f['success']
logger.info("file url: %s" % o.absolute_url())
SecurityManagement.setSecurityManager(self.old_sm)
return o.absolute_url()
def find_user(context, userid):
"""Walk up all of the possible acl_users to find the user with the
given userid.
"""
track = set()
acl_users = aq_inner(getToolByName(context, 'acl_users'))
path = '/'.join(acl_users.getPhysicalPath())
logger.debug('Visited acl_users "%s"' % path)
track.add(path)
user = acl_users.getUserById(userid)
while user is None and acl_users is not None:
context = aq_parent(aq_parent(aq_inner(acl_users)))
acl_users = aq_inner(getToolByName(context, 'acl_users'))
if acl_users is not None:
path = '/'.join(acl_users.getPhysicalPath())
logger.debug('Visited acl_users "%s"' % path)
if path in track:
logger.warn('Tried searching an already visited acl_users, '
'"%s". All visited are: %r' % (path, list(track)))
break
track.add(path)
user = acl_users.getUserById(userid)
if user is not None:
user = user.__of__(acl_users)
return user
def header_upload(self):
request = self.request
try:
session = request.get('SESSION', {})
medialabel = session.get('mediaupload',
request.get('mediaupload', 'files'))
except SessionDataManagerErr:
logger.debug('Error occurred getting session data. '
'Falling back to request.')
medialabel = request.get('mediaupload', 'files')
# to improve
if '*.' in medialabel:
medialabel = ''
if not medialabel:
return _('Files Quick Upload')
elif medialabel == 'image':
return _('Images Quick Upload')
else:
return _('label_media_quickupload',
default='${medialabel} Quick Upload',
mapping={
'medialabel':
translate(medialabel.capitalize(),
domain='collective.quickupload',
context=self.request)
})
def header_upload(self):
request = self.request
try:
session = request.get('SESSION', {})
medialabel = session.get(
'mediaupload',
request.get('mediaupload', 'files')
)
except SessionDataManagerErr:
logger.debug('Error occurred getting session data. '
'Falling back to request.')
medialabel = request.get('mediaupload', 'files')
# to improve
if '*.' in medialabel:
medialabel = ''
if not medialabel:
return _('Files Quick Upload')
elif medialabel == 'image':
return _('Images Quick Upload')
else:
return _('label_media_quickupload',
default='${medialabel} Quick Upload',
mapping={'medialabel': translate(
medialabel.capitalize(),
domain='collective.quickupload',
context=self.request)
})
def find_user(context, userid):
"""Walk up all of the possible acl_users to find the user with the
given userid.
"""
track = set()
acl_users = aq_inner(getToolByName(context, 'acl_users'))
path = '/'.join(acl_users.getPhysicalPath())
logger.debug('Visited acl_users "%s"' % path)
track.add(path)
user = acl_users.getUserById(userid)
while user is None and acl_users is not None:
context = aq_parent(aq_parent(aq_inner(acl_users)))
acl_users = aq_inner(getToolByName(context, 'acl_users'))
if acl_users is not None:
path = '/'.join(acl_users.getPhysicalPath())
logger.debug('Visited acl_users "%s"' % path)
if path in track:
logger.warn('Tried searching an already visited acl_users, '
'"%s". All visited are: %r' % (path, list(track)))
break
track.add(path)
user = acl_users.getUserById(userid)
if user is not None:
user = user.__of__(acl_users)
return user
def _clean_session(self):
request = self.request
try:
session = request.get('SESSION', None)
except SessionDataManagerErr:
logger.debug('Error occurred getting session data. Falling back to '
'request.')
session = None
# empty typeupload and mediaupload session
# since the portlet don't use it, but another app could
if session :
if session.has_key('typeupload') :
session.delete('typeupload')
if session.has_key('mediaupload') :
session.delete('mediaupload')
def __call__(self):
# IE likes to cache this request, don't let it
response = self.request.response
response.setHeader('Cache-Control',
'no-cache, no-store, must-revalidate')
response.setHeader('Pragma', 'no-cache')
response.setHeader('Expires', 'Mon, 26 Jul 1997 05:00:00 GMT')
logger.debug('Getting ready to issue new ticket')
context = aq_inner(self.context)
url = context.absolute_url()
ticket = issueTicket(url)
logger.debug('Issued ticket "%s" for url: %s' % (str(ticket), url))
return ticket
def __call__(self):
# IE likes to cache this request, don't let it
response = self.request.response
response.setHeader('Cache-Control',
'no-cache, no-store, must-revalidate')
response.setHeader('Pragma', 'no-cache')
response.setHeader('Expires', 'Mon, 26 Jul 1997 05:00:00 GMT')
logger.debug('Getting ready to issue new ticket')
context = aq_inner(self.context)
url = context.absolute_url()
ticket = issueTicket(url)
logger.debug('Issued ticket "%s" for url: %s' % (str(ticket), url))
return ticket
def _clean_session(self):
request = self.request
try:
session = request.get('SESSION', None)
except SessionDataManagerErr:
logger.debug(
'Error occurred getting session data. Falling back to '
'request.')
session = None
# empty typeupload and mediaupload session
# since the portlet don't use it, but another app could
if session:
if session.has_key('typeupload'):
session.delete('typeupload')
if session.has_key('mediaupload'):
session.delete('mediaupload')
def _clean_session(self):
request = self.request
try:
session = request.get('SESSION', None)
except SessionDataManagerErr:
logger.debug(
'Error occurred getting session data. Falling back to request.'
)
session = None
# empty typeupload and mediaupload session
# since the portlet don't use it, but another app could
if session:
# session does not implement dict API. it's a TransientObject
if session.has_key('typeupload'): # noqa
session.delete('typeupload')
if session.has_key('mediaupload'): # noqa
session.delete('mediaupload')
def _clean_session(self):
request = self.request
try:
session = request.get('SESSION', None)
except SessionDataManagerErr:
logger.debug(
'Error occurred getting session data. Falling back to request.'
)
session = None
# empty typeupload and mediaupload session
# since the portlet don't use it, but another app could
if session:
# session does not implement dict API. it's a TransientObject
if session.has_key('typeupload'): # noqa
session.delete('typeupload')
if session.has_key('mediaupload'): # noqa
session.delete('mediaupload')
def __init__(self, *args):
base.Renderer.__init__(self, *args)
context = aq_inner(self.context)
request = self.request
try:
session = request.get('SESSION', None)
except SessionDataManagerErr:
logger.debug('Error occurred getting session data. Falling back to '
'request.')
session = None
# empty typeupload and mediaupload session
# since the portlet don't use it, but another app could
if session :
if session.has_key('typeupload') :
session.delete('typeupload')
if session.has_key('mediaupload') :
session.delete('mediaupload')
self.ploneview = context.restrictedTraverse('@@plone')
self.pm = getToolByName(context, 'portal_membership')
def __init__(self, *args):
base.Renderer.__init__(self, *args)
context = aq_inner(self.context)
request = self.request
try:
session = request.get('SESSION', None)
except SessionDataManagerErr:
logger.debug(
'Error occurred getting session data. Falling back to '
'request.')
session = None
# empty typeupload and mediaupload session
# since the portlet don't use it, but another app could
if session:
if session.has_key('typeupload'):
session.delete('typeupload')
if session.has_key('mediaupload'):
session.delete('mediaupload')
self.ploneview = context.restrictedTraverse('@@plone')
self.pm = getToolByName(context, 'portal_membership')
def header_upload(self):
request = self.request
try:
session = request.get("SESSION", {})
medialabel = session.get("mediaupload", request.get("mediaupload", "files"))
except SessionDataManagerErr:
logger.debug("Error occurred getting session data. " "Falling back to request.")
medialabel = request.get("mediaupload", "files")
# to improve
if "*." in medialabel:
medialabel = ""
if not medialabel:
return _("Files Quick Upload")
elif medialabel == "image":
return _("Images Quick Upload")
else:
return _(
"label_media_quickupload",
default="${medialabel} Quick Upload",
mapping={"medialabel": medialabel.capitalize()},
)
def quick_upload_file(self):
context = aq_inner(self.context)
request = self.request
response = request.RESPONSE
response.setHeader('Expires', 'Sat, 1 Jan 2000 00:00:00 GMT')
response.setHeader('Cache-control', 'no-cache')
# the good content type woul be text/json or text/plain but IE
# do not support it
response.setHeader('Content-Type', 'text/html; charset=utf-8')
# disable diazo themes
request.response.setHeader('X-Theme-Disabled', 'True')
if request.HTTP_X_REQUESTED_WITH:
# using ajax upload
file_name = urllib.unquote(request.HTTP_X_FILE_NAME)
upload_with = "XHR"
try:
file = request.BODYFILE
file_data = file.read()
file.seek(0)
except AttributeError:
# in case of cancel during xhr upload
logger.error("Upload of %s has been aborted", file_name)
# not really useful here since the upload block
# is removed by "cancel" action, but
# could be useful if someone change the js behavior
return json.dumps({u'error': u'emptyError'})
except:
logger.error(
"Error when trying to read the file %s in request",
file_name
)
return json.dumps({u'error': u'serverError'})
else:
# using classic form post method (MSIE<=8)
file = request.get("qqfile", None)
file_data = file.read()
file.seek(0)
filename = getattr(file, 'filename', '')
file_name = filename.split("\\")[-1]
try:
file_name = file_name.decode('utf-8')
except UnicodeDecodeError:
pass
file_name = IUserPreferredFileNameNormalizer(
self.request
).normalize(file_name)
upload_with = "CLASSIC FORM POST"
# we must test the file size in this case (no client test)
if not self._check_file_size(file_data):
logger.info("Test file size: the file %s is too big, upload "
"rejected" % filename)
return json.dumps({u'error': u'sizeError'})
# overwrite file
try:
newid = get_id_from_filename(file_name, context)
except MissingExtension:
return json.dumps({u'error': u'missingExtension'})
if newid in context or file_name in context:
updated_object = context.get(newid, False) or context[file_name]
mtool = getToolByName(context, 'portal_membership')
override_setting = self.qup_prefs.object_override
if override_setting and\
mtool.checkPermission(ModifyPortalContent, updated_object):
can_overwrite = True
else:
can_overwrite = False
if not can_overwrite:
logger.debug(
"The file id for %s already exists, upload rejected"
% file_name
)
return json.dumps({u'error': u'serverErrorAlreadyExists'})
overwritten_file = updated_object
else:
overwritten_file = None
content_type = get_content_type(context, file_data, file_name)
portal_type = getDataFromAllRequests(request, 'typeupload') or ''
title = getDataFromAllRequests(request, 'title') or ''
description = getDataFromAllRequests(request, 'description') or ''
if not portal_type:
ctr = getToolByName(context, 'content_type_registry')
portal_type = ctr.findTypeName(
file_name.lower(), content_type, ''
) or 'File'
if file_data:
if overwritten_file is not None:
updater = IQuickUploadFileUpdater(context)
logger.info(
"reuploading %s file with %s: title=%s, description=%s, "
"content_type=%s"
% (overwritten_file.absolute_url(), upload_with, title,
description, content_type))
try:
f = updater(overwritten_file, file_name, title,
description, content_type, file_data)
except Exception, e:
logger.error(
"Error updating %s file: %s", file_name, str(e)
)
return json.dumps({u'error': u'serverError'})
else:
factory = IQuickUploadFileFactory(context)
logger.info(
"uploading file with %s: filename=%s, title=%s, "
"description=%s, content_type=%s, portal_type=%s"
% (upload_with, file_name, title,
description, content_type, portal_type))
try:
f = factory(file_name, title, description, content_type,
file_data, portal_type)
except Exception, e:
logger.error(
"Error creating %s file: %s", file_name, str(e)
)
return json.dumps({u'error': u'serverError'})
def upload_settings(self):
context = aq_inner(self.context)
request = self.request
try:
session = request.get('SESSION', {})
mediaupload = session.get(
'mediaupload', request.get('mediaupload', ''))
typeupload = session.get(
'typeupload', request.get('typeupload', ''))
except SessionDataManagerErr:
logger.debug(
'Error occurred getting session data. Falling back to request.'
)
mediaupload = request.get('mediaupload', '')
typeupload = request.get('typeupload', '')
portal_url = getToolByName(context, 'portal_url')()
# use a ticket for authentication (used for flashupload only)
ticket = context.restrictedTraverse('@@quickupload_ticket')()
settings = dict(
ticket = ticket,
portal_url = portal_url,
typeupload = '',
context_url = context.absolute_url(),
physical_path = "/".join(context.getPhysicalPath()),
ul_id = self.uploader_id,
ul_fill_titles = self.qup_prefs.fill_titles and 'true' or 'false',
ul_fill_descriptions = self.qup_prefs.fill_descriptions and 'true' or 'false',
ul_auto_upload = self.qup_prefs.auto_upload and 'true' or 'false',
ul_size_limit = self.qup_prefs.size_limit and str(self.qup_prefs.size_limit*1024) or '',
ul_xhr_size_limit = self.qup_prefs.size_limit and str(self.qup_prefs.size_limit*1024) or '0',
ul_sim_upload_limit = str(self.qup_prefs.sim_upload_limit),
ul_object_override = self.qup_prefs.object_override and 'true' or 'false',
ul_button_text = self._translate(_(u'Browse')),
ul_draganddrop_text = self._translate(_(u'Drag and drop files to upload')),
ul_msg_all_sucess = self._translate(_(u'All files uploaded with success.')),
ul_msg_some_sucess = self._translate(_(u' files uploaded with success, ')),
ul_msg_some_errors = self._translate(_(u" uploads return an error.")),
ul_msg_failed = self._translate(_(u"Failed")),
ul_error_try_again_wo = self._translate(_(u"please select files again without it.")),
ul_error_try_again = self._translate(_(u"please try again.")),
ul_error_empty_file = self._translate(_(u"Selected elements contain an empty file or a folder:")),
ul_error_empty_extension = self._translate(_(u"This file has no extension:")),
ul_error_file_large = self._translate(_(u"This file is too large:")),
ul_error_maxsize_is = self._translate(_(u"maximum file size is:")),
ul_error_bad_ext = self._translate(_(u"This file has invalid extension:")),
ul_error_onlyallowed = self._translate(_(u"Only allowed:")),
ul_error_no_permission = self._translate(_(u"You don't have permission to add this content in this place.")),
ul_error_disallowed_type = self._translate(_(u"This type of element is not allowed in this folder.",)),
ul_error_already_exists = self._translate(_(u"This file already exists with the same name on server:")),
ul_error_zodb_conflict = self._translate(_(u"A data base conflict error happened when uploading this file:")),
ul_error_server = self._translate(_(u"Server error, please contact support and/or try again.")),
)
settings['typeupload'] = typeupload
if typeupload:
imageTypes = _listTypesForInterface(context, 'image')
if typeupload in imageTypes:
ul_content_types_infos = self.ul_content_types_infos('image')
else:
ul_content_types_infos = self.ul_content_types_infos(
mediaupload
)
else:
ul_content_types_infos = self.ul_content_types_infos(mediaupload)
settings['ul_file_extensions'] = ul_content_types_infos[0]
settings['ul_file_extensions_list'] = str(ul_content_types_infos[1])
settings['ul_file_description'] = ul_content_types_infos[2]
return settings
def quick_upload_file(self):
context = aq_inner(self.context)
request = self.request
response = request.RESPONSE
response.setHeader('Expires', 'Sat, 1 Jan 2000 00:00:00 GMT')
response.setHeader('Cache-control', 'no-cache')
# application/json is not supported by old IEs but text/html fails in
# every browser with plone.protect 3.0.11
response.setHeader('Content-Type', 'application/json; charset=utf-8')
# disable diazo themes and csrf protection
request.response.setHeader('X-Theme-Disabled', 'True')
if request.HTTP_X_REQUESTED_WITH:
# using ajax upload
file_name = urllib.unquote(request.HTTP_X_FILE_NAME)
upload_with = "XHR"
try:
file = request.BODYFILE
file_data = file.read()
file.seek(0)
except AttributeError:
# in case of cancel during xhr upload
logger.error("Upload of %s has been aborted", file_name)
# not really useful here since the upload block
# is removed by "cancel" action, but
# could be useful if someone change the js behavior
return json.dumps({u'error': u'emptyError'})
except:
logger.error(
"Error when trying to read the file %s in request",
file_name
)
return json.dumps({u'error': u'serverError'})
else:
# using classic form post method (MSIE<=8)
file = request.get("qqfile", None)
file_data = file.read()
file.seek(0)
filename = getattr(file, 'filename', '')
file_name = filename.split("\\")[-1]
try:
file_name = file_name.decode('utf-8')
except UnicodeDecodeError:
pass
file_name = IUserPreferredFileNameNormalizer(
self.request
).normalize(file_name)
upload_with = "CLASSIC FORM POST"
# we must test the file size in this case (no client test)
if not self._check_file_size(file):
logger.info("Test file size: the file %s is too big, upload "
"rejected" % filename)
return json.dumps({u'error': u'sizeError'})
# overwrite file
try:
newid = get_id_from_filename(
file_name, context, unique=self.qup_prefs.object_unique_id)
except MissingExtension:
return json.dumps({u'error': u'missingExtension'})
if (newid in context or file_name in context) and \
not self.qup_prefs.object_unique_id:
updated_object = context.get(newid, False) or context[file_name]
mtool = getToolByName(context, 'portal_membership')
override_setting = self.qup_prefs.object_override
if override_setting and\
mtool.checkPermission(ModifyPortalContent, updated_object):
can_overwrite = True
else:
can_overwrite = False
if not can_overwrite:
logger.debug(
"The file id for %s already exists, upload rejected"
% file_name
)
return json.dumps({u'error': u'serverErrorAlreadyExists'})
overwritten_file = updated_object
else:
overwritten_file = None
content_type = get_content_type(context, file_data, file_name)
portal_type = getDataFromAllRequests(request, 'typeupload') or ''
title = getDataFromAllRequests(request, 'title') or ''
description = getDataFromAllRequests(request, 'description') or ''
if not title.strip() and self.qup_prefs.id_as_title:
title = newid
if not portal_type:
ctr = getToolByName(context, 'content_type_registry')
portal_type = ctr.findTypeName(
file_name.lower(), content_type, ''
) or 'File'
if file_data:
if overwritten_file is not None:
updater = IQuickUploadFileUpdater(context)
logger.info(
"reuploading %s file with %s: title=%s, description=%s, "
"content_type=%s"
% (overwritten_file.absolute_url(), upload_with, title,
description, content_type))
try:
f = updater(overwritten_file, file_name, title,
description, content_type, file_data)
except ConflictError:
# Allow Zope to retry up to three times, and if that still
# fails, handle ConflictErrors on client side if necessary
raise
except Exception as e:
logger.error(
"Error updating %s file: %s", file_name, str(e)
)
return json.dumps({u'error': u'serverError'})
else:
factory = IQuickUploadFileFactory(context)
logger.info(
"uploading file with %s: filename=%s, title=%s, "
"description=%s, content_type=%s, portal_type=%s"
% (upload_with, file_name, title,
description, content_type, portal_type))
try:
f = factory(file_name, title, description, content_type,
file_data, portal_type)
except ConflictError:
# Allow Zope to retry up to three times, and if that still
# fails, handle ConflictErrors on client side if necessary
raise
except Exception as e:
logger.error(
"Error creating %s file: %s", file_name, str(e)
)
return json.dumps({u'error': u'serverError'})
if f['success'] is not None:
o = f['success']
logger.info("file url: %s" % o.absolute_url())
if HAS_UUID:
uid = IUUID(o)
else:
uid = o.UID()
msg = {
u'success': True,
u'uid': uid,
u'name': o.getId(),
u'title': o.pretty_title_or_id()
}
else:
msg = {u'error': f['error']}
else:
msg = {u'error': u'emptyError'}
return json.dumps(msg)
def quick_upload_file(self) :
context = aq_inner(self.context)
request = self.request
response = request.RESPONSE
response.setHeader('Expires', 'Sat, 1 Jan 2000 00:00:00 GMT')
response.setHeader('Cache-control', 'no-cache')
# the good content type woul be text/json or text/plain but IE
# do not support it
response.setHeader('Content-Type', 'text/html; charset=utf-8')
# disable diazo themes
request.response.setHeader('X-Theme-Disabled', 'True')
if request.HTTP_X_REQUESTED_WITH :
# using ajax upload
file_name = urllib.unquote(request.HTTP_X_FILE_NAME)
upload_with = "XHR"
try :
file = request.BODYFILE
file_data = file.read()
file.seek(0)
except AttributeError :
# in case of cancel during xhr upload
logger.error("Upload of %s has been aborted", file_name)
# not really useful here since the upload block
# is removed by "cancel" action, but
# could be useful if someone change the js behavior
return json.dumps({u'error': u'emptyError'})
except :
logger.error("Error when trying to read the file %s in request", file_name)
return json.dumps({u'error': u'serverError'})
else :
# using classic form post method (MSIE<=8)
file_data = request.get("qqfile", None)
filename = getattr(file_data,'filename', '')
file_name = filename.split("\\")[-1]
try:
file_name = file_name.decode('utf-8')
except UnicodeDecodeError:
pass
file_name = IUserPreferredFileNameNormalizer(self.request
).normalize(file_name)
upload_with = "CLASSIC FORM POST"
# we must test the file size in this case (no client test)
if not self._check_file_size(file_data) :
logger.info("Test file size : the file %s is too big, upload rejected" % filename)
return json.dumps({u'error': u'sizeError'})
# overwrite file
try:
newid = get_id_from_filename(file_name, context)
except MissingExtension:
return json.dumps({u'error': u'missingExtension'})
if newid in context or file_name in context:
updated_object = context.get(newid, False) or context[file_name]
mtool = getToolByName(context, 'portal_membership')
if mtool.checkPermission(ModifyPortalContent, updated_object):
can_overwrite = True
else:
can_overwrite = False
if not can_overwrite:
logger.debug("The file id for %s already exists, upload rejected" % file_name)
return json.dumps({u'error': u'serverErrorAlreadyExists'})
overwritten_file = updated_object
else:
overwritten_file = None
content_type = mimetypes.guess_type(file_name)[0]
# sometimes plone mimetypes registry could be more powerful
if not content_type :
mtr = getToolByName(context, 'mimetypes_registry')
oct = mtr.globFilename(file_name)
if oct is not None :
content_type = str(oct)
portal_type = getDataFromAllRequests(request, 'typeupload') or ''
title = getDataFromAllRequests(request, 'title') or ''
description = getDataFromAllRequests(request, 'description') or ''
if not portal_type :
ctr = getToolByName(context, 'content_type_registry')
portal_type = ctr.findTypeName(file_name.lower(), content_type, '') or 'File'
if file_data:
if overwritten_file is not None:
updater = IQuickUploadFileUpdater(context)
logger.info("reuploading %s file with %s : title=%s, description=%s, content_type=%s" % \
(overwritten_file.absolute_url(), upload_with, title, description, content_type))
try :
f = updater(overwritten_file, file_name, title,
description, content_type, file_data)
except Exception, e:
logger.error("Error updating %s file : %s", file_name, str(e))
return json.dumps({u'error': u'serverError'})
else:
factory = IQuickUploadFileFactory(context)
logger.info("uploading file with %s : filename=%s, title=%s, description=%s, content_type=%s, portal_type=%s" % \
(upload_with, file_name, title, description, content_type, portal_type))
try :
f = factory(file_name, title, description, content_type, file_data, portal_type)
except Exception, e:
logger.error("Error creating %s file : %s", file_name, str(e))
return json.dumps({u'error': u'serverError'})
def upload_settings(self):
context = aq_inner(self.context)
request = self.request
try:
session = request.get('SESSION', {})
mediaupload = session.get('mediaupload',
request.get('mediaupload', ''))
typeupload = session.get('typeupload',
request.get('typeupload', ''))
except SessionDataManagerErr:
logger.debug('Error occurred getting session data. Falling back to '
'request.')
mediaupload = request.get('mediaupload', '')
typeupload = request.get('typeupload', '')
portal_url = getToolByName(context, 'portal_url')()
# use a ticket for authentication (used for flashupload only)
ticket = context.restrictedTraverse('@@quickupload_ticket')()
settings = dict(
ticket = ticket,
portal_url = portal_url,
typeupload = '',
context_url = context.absolute_url(),
physical_path = "/".join(context.getPhysicalPath()),
ul_id = self.uploader_id,
ul_fill_titles = self.qup_prefs.fill_titles and 'true' or 'false',
ul_fill_descriptions = self.qup_prefs.fill_descriptions and 'true' or 'false',
ul_auto_upload = self.qup_prefs.auto_upload and 'true' or 'false',
ul_size_limit = self.qup_prefs.size_limit and str(self.qup_prefs.size_limit*1024) or '',
ul_xhr_size_limit = self.qup_prefs.size_limit and str(self.qup_prefs.size_limit*1024) or '0',
ul_sim_upload_limit = str(self.qup_prefs.sim_upload_limit),
ul_button_text = self._translate(_(u'Browse')),
ul_draganddrop_text = self._translate(_(u'Drag and drop files to upload')),
ul_msg_all_sucess = self._translate(_(u'All files uploaded with success.')),
ul_msg_some_sucess = self._translate(_(u' files uploaded with success, ')),
ul_msg_some_errors = self._translate(_(u" uploads return an error.")),
ul_msg_failed = self._translate(_(u"Failed")),
ul_error_try_again_wo = self._translate(_(u"please select files again without it.")),
ul_error_try_again = self._translate(_(u"please try again.")),
ul_error_empty_file = self._translate(_(u"Selected elements contain an empty file or a folder:")),
ul_error_empty_extension = self._translate(_(u"This file has no extension:")),
ul_error_file_large = self._translate(_(u"This file is too large:")),
ul_error_maxsize_is = self._translate(_(u"maximum file size is:")),
ul_error_bad_ext = self._translate(_(u"This file has invalid extension:")),
ul_error_onlyallowed = self._translate(_(u"Only allowed:")),
ul_error_no_permission = self._translate(_(u"You don't have permission to add this content in this place.")),
ul_error_disallowed_type = self._translate(_(u"This type of element is not allowed in this folder.",)),
ul_error_already_exists = self._translate(_(u"This file already exists with the same name on server:")),
ul_error_zodb_conflict = self._translate(_(u"A data base conflict error happened when uploading this file:")),
ul_error_server = self._translate(_(u"Server error, please contact support and/or try again.")),
)
settings['typeupload'] = typeupload
if typeupload :
imageTypes = _listTypesForInterface(context, IImageContent)
if typeupload in imageTypes :
ul_content_types_infos = self.ul_content_types_infos('image')
else :
ul_content_types_infos = self.ul_content_types_infos(mediaupload)
else :
ul_content_types_infos = self.ul_content_types_infos(mediaupload)
settings['ul_file_extensions'] = ul_content_types_infos[0]
settings['ul_file_extensions_list'] = str(ul_content_types_infos[1])
settings['ul_file_description'] = ul_content_types_infos[2]
return settings
def quick_upload_file(self):
context = aq_inner(self.context)
request = self.request
response = request.RESPONSE
response.setHeader('Expires', 'Sat, 1 Jan 2000 00:00:00 GMT')
response.setHeader('Cache-control', 'no-cache')
# application/json is not supported by old IEs but text/html fails in
# every browser with plone.protect 3.0.11
response.setHeader('Content-Type', 'application/json; charset=utf-8')
# disable diazo themes and csrf protection
request.response.setHeader('X-Theme-Disabled', 'True')
if request.HTTP_X_REQUESTED_WITH:
# using ajax upload
file_name = urllib.unquote(request.HTTP_X_FILE_NAME)
upload_with = "XHR"
try:
file = request.BODYFILE
file_data = file.read()
file.seek(0)
except AttributeError:
# in case of cancel during xhr upload
logger.error("Upload of %s has been aborted", file_name)
# not really useful here since the upload block
# is removed by "cancel" action, but
# could be useful if someone change the js behavior
return json.dumps({u'error': u'emptyError'})
except:
logger.error(
"Error when trying to read the file %s in request",
file_name)
return self._error_response(u'serverError')
else:
# using classic form post method (MSIE<=8)
file = request.get("qqfile", None)
file_data = file.read()
file.seek(0)
filename = getattr(file, 'filename', '')
file_name = filename.split("\\")[-1]
try:
file_name = file_name.decode('utf-8')
except UnicodeDecodeError:
pass
file_name = IUserPreferredFileNameNormalizer(
self.request).normalize(file_name)
upload_with = "CLASSIC FORM POST"
# we must test the file size in this case (no client test)
if not self._check_file_size(file):
logger.info("Test file size: the file %s is too big, upload "
"rejected" % filename)
return self._error_response(u'sizeError')
# overwrite file
try:
newid = get_id_from_filename(
file_name, context, unique=self.qup_prefs.object_unique_id)
except MissingExtension:
return self._error_response(u'missingExtension')
if (newid in context or file_name in context) and \
not self.qup_prefs.object_unique_id:
updated_object = context.get(newid, False) or context[file_name]
mtool = getToolByName(context, 'portal_membership')
override_setting = self.qup_prefs.object_override
if override_setting and\
mtool.checkPermission(ModifyPortalContent, updated_object):
can_overwrite = True
else:
can_overwrite = False
if not can_overwrite:
logger.debug(
"The file id for %s already exists, upload rejected" %
file_name)
return self._error_response(u'serverErrorAlreadyExists')
overwritten_file = updated_object
else:
overwritten_file = None
content_type = get_content_type(context, file_data, file_name)
portal_type = getDataFromAllRequests(request, 'typeupload') or ''
title = getDataFromAllRequests(request, 'title') or ''
description = getDataFromAllRequests(request, 'description') or ''
if not title.strip() and self.qup_prefs.id_as_title:
title = newid
if not portal_type:
ctr = getToolByName(context, 'content_type_registry')
portal_type = ctr.findTypeName(file_name.lower(), content_type,
'') or 'File'
if not file_data:
return self._error_response(u'emptyError')
if overwritten_file is not None:
updater = IQuickUploadFileUpdater(context)
logger.info(
"reuploading %s file with %s: title=%s, description=%s, "
"content_type=%s" %
(overwritten_file.absolute_url(), upload_with, title,
description, content_type))
try:
f = updater(overwritten_file, file_name, title, description,
content_type, file_data)
except ConflictError:
# Allow Zope to retry up to three times, and if that still
# fails, handle ConflictErrors on client side if necessary
raise
except Exception as e:
logger.error("Error updating %s file: %s", file_name, str(e))
return self._error_response(u'serverError')
else:
factory = IQuickUploadFileFactory(context)
logger.info("uploading file with %s: filename=%s, title=%s, "
"description=%s, content_type=%s, portal_type=%s" %
(upload_with, file_name, title, description,
content_type, portal_type))
try:
f = factory(file_name, title, description, content_type,
file_data, portal_type)
except ConflictError:
# Allow Zope to retry up to three times, and if that still
# fails, handle ConflictErrors on client side if necessary
raise
except Exception as e:
logger.error("Error creating %s file: %s", file_name, str(e))
return self._error_response(u'serverError')
if f['success'] is None:
return self._error_response(f['error'])
obj = f['success']
logger.info("file url: %s" % obj.absolute_url())
return self._success_response(obj)
def quick_upload_file(self) :
context = aq_inner(self.context)
request = self.request
response = request.RESPONSE
response.setHeader('Expires', 'Sat, 1 Jan 2000 00:00:00 GMT')
response.setHeader('Cache-control', 'no-cache')
# the good content type woul be text/json or text/plain but IE
# do not support it
response.setHeader('Content-Type', 'text/html; charset=utf-8')
# disable diazo themes
request.response.setHeader('X-Theme-Disabled', 'True')
if request.HTTP_X_REQUESTED_WITH :
# using ajax upload
file_name = urllib.unquote(request.HTTP_X_FILE_NAME)
upload_with = "XHR"
try :
file = request.BODYFILE
file_data = file.read()
file.seek(0)
except AttributeError :
# in case of cancel during xhr upload
logger.error("Upload of %s has been aborted", file_name)
# not really useful here since the upload block
# is removed by "cancel" action, but
# could be useful if someone change the js behavior
return json.dumps({u'error': u'emptyError'})
except :
logger.error("Error when trying to read the file %s in request", file_name)
return json.dumps({u'error': u'serverError'})
else :
# using classic form post method (MSIE<=8)
file_data = request.get("qqfile", None)
filename = getattr(file_data,'filename', '')
file_name = filename.split("\\")[-1]
file_name = IUserPreferredFileNameNormalizer(self.request
).normalize(file_name)
upload_with = "CLASSIC FORM POST"
# we must test the file size in this case (no client test)
if not self._check_file_size(file_data) :
logger.info("Test file size : the file %s is too big, upload rejected" % filename)
return json.dumps({u'error': u'sizeError'})
if not self._check_file_id(file_name) or file_name in context:
logger.debug("The file id for %s already exists, upload rejected" % file_name)
return json.dumps({u'error': u'serverErrorAlreadyExists'})
content_type = mimetypes.guess_type(file_name)[0]
# sometimes plone mimetypes registry could be more powerful
if not content_type :
mtr = getToolByName(context, 'mimetypes_registry')
oct = mtr.globFilename(file_name)
if oct is not None :
content_type = str(oct)
portal_type = getDataFromAllRequests(request, 'typeupload') or ''
title = getDataFromAllRequests(request, 'title') or ''
description = getDataFromAllRequests(request, 'description') or ''
if not portal_type :
ctr = getToolByName(context, 'content_type_registry')
portal_type = ctr.findTypeName(file_name.lower(), content_type, '') or 'File'
if file_data:
factory = IQuickUploadFileFactory(context)
logger.info("uploading file with %s : filename=%s, title=%s, description=%s, content_type=%s, portal_type=%s" % \
(upload_with, file_name, title, description, content_type, portal_type))
try :
f = factory(file_name, title, description, content_type, file_data, portal_type)
except Exception, e:
logger.error("Error creating %s file : %s", file_name, str(e))
return json.dumps({u'error': u'serverError'})
if f['success'] is not None :
o = f['success']
logger.info("file url: %s" % o.absolute_url())
msg = {
u'success': True,
u'uid': o.UID(),
u'name': o.getId(),
u'title': o.pretty_title_or_id()
}
else :
msg = {u'error': f['error']}
