def upload_attachments(attachments, folder, creator, request):
""" This creates *and removes* attachments based on information
retrieved from a form"""
for attachment in attachments:
if attachment.filename:
mimetype = get_upload_mimetype(attachment)
filename = make_unique_name(
folder,
basename_of_filepath(attachment.filename)
)
folder[filename] = obj = create_content(
ICommunityFile,
title = filename,
stream = attachment.file,
mimetype = mimetype,
filename = filename,
creator = creator,
)
max_size = int(get_setting(folder, 'upload_limit', 0))
if max_size and obj.size > max_size:
msg = 'File size exceeds upload limit of %d.' % max_size
raise ValueError(msg)
else:
meta = attachment.metadata
if meta.get('remove') and meta.get('default'):
name = meta['default']
if name in folder:
ob = folder[name]
if has_permission('delete', ob, request):
del folder[name]
def upload_attachments(attachments, folder, creator, request):
""" This creates *and removes* attachments based on information
retrieved from a form"""
for attachment in attachments:
if attachment.filename:
mimetype = get_upload_mimetype(attachment)
filename = make_unique_name(
folder, basename_of_filepath(attachment.filename))
folder[filename] = obj = create_content(
ICommunityFile,
title=filename,
stream=attachment.file,
mimetype=mimetype,
filename=filename,
creator=creator,
)
max_size = int(get_setting(folder, 'upload_limit', 0))
if max_size and obj.size > max_size:
msg = 'File size exceeds upload limit of %d.' % max_size
raise ValueError(msg)
else:
meta = attachment.metadata
if meta.get('remove') and meta.get('default'):
name = meta['default']
if name in folder:
ob = folder[name]
if has_permission('delete', ob, request):
del folder[name]
def store_attachments(attachments_folder, params, creator):
"""Given some request data, pick apart and store attachments"""
# Get the attachments out of the form data. We do iteritems
# becauser there might be multiple with the name prefixed by
# attachment.
new_attachments = []
for key, value in params.iteritems():
if key.startswith('attachment') and value != '':
new_attachments.append(value)
# Iterate through the new attachments and create content to store in
# the attachments folder.
for attachment in new_attachments:
filename = make_unique_name(attachments_folder,
basename_of_filepath(attachment.filename))
attachments_folder[filename] = obj = create_content(
ICommunityFile,
title = filename,
stream = attachment.file,
mimetype = attachment.type,
filename = filename,
creator = creator,
)
check_upload_size(attachments_folder, obj, 'attachment')
def handle_submit(self, converted):
request = self.request
context = self.context
workflow = self.workflow
creator = authenticated_userid(request)
f = converted['file']
if not f.file:
raise ValidationError(file='Must upload a file')
file = create_content(ICommunityFile,
title=converted['title'],
stream=f.file,
mimetype=get_mimetype(f.mimetype, f.filename),
filename=f.filename,
creator=creator,
)
self.check_upload_size(context, file, 'file')
# For file objects, OSI's policy is to store the upload file's
# filename as the objectid, instead of basing __name__ on the
# title field).
filename = basename_of_filepath(f.filename)
file.filename = filename
name = make_name(context, filename, raise_error=False)
if not name:
msg = 'The filename must not be empty'
raise ValidationError(file=msg)
# Is there a key in context with that filename?
if name in context:
msg = 'Filename %s already exists in this folder' % filename
raise ValidationError(file=msg)
context[name] = file
if workflow is not None:
workflow.initialize(file)
if 'security_state' in converted:
workflow.transition_to_state(file, request,
converted['security_state'])
# Tags, attachments, alerts
set_tags(file, request, converted['tags'])
if converted.get('sendalert'):
alerts = queryUtility(IAlerts, default=Alerts())
alerts.emit(file, request)
self.filestore.clear()
location = model_url(file, request)
return HTTPFound(location=location)
def test_it(self):
from karl.views.utils import basename_of_filepath
self.assertEqual(basename_of_filepath('c:\\dos\\autorun.bat'),
'autorun.bat')
self.assertEqual(basename_of_filepath('/home/user/myimage.jpg'),
'myimage.jpg')
def drawer_upload_view(context, request,
check_upload_size=check_upload_size,
get_image_info=get_image_info,
batch_images=batch_images,
):
"""Drawer posts a file with the parameter name "file".
"""
## XXX The rest is copied from add_file_view. A common denominator
## would be desirable.
creator = authenticated_userid(request)
fieldstorage = request.params.get('file')
if not hasattr(fieldstorage, 'filename'):
msg = 'You must select a file before clicking Upload.'
return dict(error = msg)
# For file objects, OSI's policy is to store the upload file's
# filename as the objectid, instead of basing __name__ on the
# title field).
filename = basename_of_filepath(fieldstorage.filename)
stream = fieldstorage.file
# use parameter, as the title (or basename, if missing).
title = request.params.get('title', filename)
image = create_content(ICommunityFile,
title=title,
stream=stream,
mimetype=get_upload_mimetype(fieldstorage),
filename=fieldstorage.filename,
creator=creator,
)
# Check if it's an image.
if not IImage.providedBy(image):
msg = 'File %s is not an image' % filename
return dict(error=msg)
check_upload_size(context, image, 'file')
if hasattr(context, 'get_attachments'):
target_folder = context.get_attachments()
if not has_permission('create', target_folder, request):
msg = 'You do not have permission to upload files here.'
return dict(error=msg)
image.filename = filename
name = make_name(target_folder, filename, raise_error=False)
if not name:
msg = 'The filename must not be empty'
return dict(error=msg)
# Is there a key in context with that filename?
if name in target_folder:
msg = 'Filename %s already exists in this folder' % filename
return dict(error=msg)
target_folder[name] = image
workflow = get_workflow(ICommunityFile, 'security', context)
if workflow is not None:
workflow.initialize(image)
# In cases where the image is to live in a piece of content which has not
# yet been created (like when using an 'Add' form), the context is going
# to be the eventual parent of the not yet created content, which will be
# the eventual parent of the just now created image. Since we have nowhere
# to put the image, we put it in a tempfolder and later move it over after
# the content is created. Normal ContentAdded event handlers are not
# called at this stage and workflow is not yet initialized. These will
# occur when the content is moved over.
else:
image.modified = datetime.datetime.now()
tempfolder = find_tempfolder(context)
tempfolder.add_document(image)
# Return info about the image uploaded
return dict(
upload_image_info=get_image_info(image, request, thumb_size=LARGE_THUMB_SIZE),
)
def test_it(self):
from karl.views.utils import basename_of_filepath
self.assertEqual(basename_of_filepath('c:\\dos\\autorun.bat'),
'autorun.bat')
self.assertEqual(basename_of_filepath('/home/user/myimage.jpg'),
'myimage.jpg')
def drawer_upload_view(context, request,
check_upload_size=check_upload_size,
get_image_info=get_image_info,
batch_images=batch_images,
):
"""Drawer posts a file with the parameter name "file".
"""
## XXX The rest is copied from add_file_view. A common denominator
## would be desirable.
creator = authenticated_userid(request)
fieldstorage = request.params.get('file')
if not hasattr(fieldstorage, 'filename'):
msg = 'You must select a file before clicking Upload.'
return dict(error = msg)
# For file objects, OSI's policy is to store the upload file's
# filename as the objectid, instead of basing __name__ on the
# title field).
filename = basename_of_filepath(fieldstorage.filename)
stream = fieldstorage.file
# use parameter, as the title (or basename, if missing).
title = request.params.get('title', filename)
image = create_content(ICommunityFile,
title=title,
stream=stream,
mimetype=get_upload_mimetype(fieldstorage),
filename=fieldstorage.filename,
creator=creator,
)
# Check if it's an image.
if not IImage.providedBy(image):
msg = 'File %s is not an image' % filename
return dict(error=msg)
check_upload_size(context, image, 'file')
if hasattr(context, 'get_attachments'):
target_folder = context.get_attachments()
if not has_permission('create', target_folder, request):
msg = 'You do not have permission to upload files here.'
return dict(error=msg)
image.filename = filename
name = make_name(target_folder, filename, raise_error=False)
if not name:
msg = 'The filename must not be empty'
return dict(error=msg)
# Is there a key in context with that filename?
if name in target_folder:
msg = 'Filename %s already exists in this folder' % filename
return dict(error=msg)
target_folder[name] = image
workflow = get_workflow(ICommunityFile, 'security', context)
if workflow is not None:
workflow.initialize(image)
# In cases where the image is to live in a piece of content which has not
# yet been created (like when using an 'Add' form), the context is going
# to be the eventual parent of the not yet created content, which will be
# the eventual parent of the just now created image. Since we have nowhere
# to put the image, we put it in a tempfolder and later move it over after
# the content is created. Normal ContentAdded event handlers are not
# called at this stage and workflow is not yet initialized. These will
# occur when the content is moved over.
else:
image.modified = datetime.datetime.now()
tempfolder = find_tempfolder(context)
tempfolder.add_document(image)
# Return info about the image uploaded
return dict(
upload_image_info=get_image_info(image, request, thumb_size=LARGE_THUMB_SIZE),
)
def drawer_upload_view(context, request,
check_upload_size=check_upload_size,
get_image_info=get_image_info,
batch_images=batch_images,
):
"""Drawer posts a file with the parameter name "file".
"""
## XXX The rest is copied from add_file_view. A common denominator
## would be desirable.
creator = authenticated_userid(request)
fieldstorage = request.params.get('file')
if not hasattr(fieldstorage, 'filename'):
msg = 'You must select a file before clicking Upload.'
return dict(error = msg)
stream = fieldstorage.file
title = fieldstorage.filename
image = create_content(ICommunityFile,
title=title,
stream=stream,
mimetype=get_upload_mimetype(fieldstorage),
filename=fieldstorage.filename,
creator=creator,
)
check_upload_size(context, image, 'file')
if hasattr(context, 'get_attachments'):
target_folder = context.get_attachments()
if not has_permission('create', target_folder, request):
msg = 'You do not have permission to upload files here.'
return dict(error=msg)
# For file objects, OSI's policy is to store the upload file's
# filename as the objectid, instead of basing __name__ on the
# title field).
filename = basename_of_filepath(fieldstorage.filename)
image.filename = filename
name = make_name(target_folder, filename, raise_error=False)
if not name:
msg = 'The filename must not be empty'
return dict(error=msg)
# Is there a key in context with that filename?
if name in target_folder:
msg = 'Filename %s already exists in this folder' % filename
return dict(error=msg)
target_folder[name] = image
else:
tempfolder = find_tempfolder(context)
tempfolder.add_document(image)
workflow = get_workflow(ICommunityFile, 'security', context)
if workflow is not None:
workflow.initialize(image)
# Update the thumbnails
return dict(
upload_image_info=get_image_info(image, request),
images_info=batch_images(context, request),
)
