def wrapper(self, *args, **kwargs):
if hasattr(self, 'request'):
request = self.request
else:
request = self
MAX_FILE_SIZE = 1024 * 1024 * 2
# IE 9/10 doesn't send custom headers
# webO default Content-Type to 'application/x-www-form-urlencoded' when not explictly set
if request.content_type in (None, '', 'application/x-www-form-urlencoded'):
request.content_type = EXPECTED_CONTENT_TYPE
if request.content_type != EXPECTED_CONTENT_TYPE:
raise exc.HTTPUnsupportedMediaType('Only KML file are accepted')
# IE9 sends data urlencoded
data = urllib.unquote_plus(request.body)
if len(data) > MAX_FILE_SIZE:
raise exc.HTTPRequestEntityTooLarge('File size exceed %s bytes' % MAX_FILE_SIZE)
# Prevent erroneous kml
data = re.sub('(\s+on\w*=(\"[^\"]+\"|\'[^\']+\'))', ' ', data, flags = re.I | re.M)
data = re.sub('(<|<)script\s*\S*[^(>|>)]*?(>|>)(.|\s)*?(<|<)\/script(>|>)', ' ', data, flags = re.I | re.M)
try:
p = xml.parsers.expat.ParserCreate()
p.Parse(data)
except Exception:
raise exc.HTTPUnsupportedMediaType('Only valid KML file are accepted')
request.body = data
return func(self, *args, **kwargs)
def wrapper(self, *args, **kwargs):
if hasattr(self, 'request'):
request = self.request
else:
request = self
MAX_FILE_SIZE = 1024 * 1024 * 2
# IE 9/10 doesn't send custom headers
# webO default Content-Type to 'application/x-www-form-urlencoded' when not explictly set
if request.content_type in (None, '', 'application/x-www-form-urlencoded'):
request.content_type = EXPECTED_CONTENT_TYPE
if request.content_type != EXPECTED_CONTENT_TYPE:
raise exc.HTTPUnsupportedMediaType('Only KML file are accepted')
# IE9 sends data urlencoded
data = urllib.unquote_plus(request.body)
if len(data) > MAX_FILE_SIZE:
raise exc.HTTPRequestEntityTooLarge('File size exceed %s bytes' % MAX_FILE_SIZE)
try:
p = xml.parsers.expat.ParserCreate()
p.Parse(data)
except Exception:
raise exc.HTTPUnsupportedMediaType('Only valid KML file are accepted')
request.body = data
return func(self, *args, **kwargs)
def wrapper(self, *args, **kwargs):
request = self.request if hasattr(self, 'request') else self
if request.content_type in (None, '', 'application/x-www-form-urlencoded'):
request.content_type = EXPECTED_GLSTYLE_CONTENT_TYPE
if request.content_type != EXPECTED_GLSTYLE_CONTENT_TYPE:
raise exc.HTTPUnsupportedMediaType('Only JSON files are accepted')
try:
json.loads(request.body)
except ValueError:
raise exc.HTTPUnsupportedMediaType('Only JSON files are accepted, file could not be serialized')
return func(self, *args, **kwargs)
def _item_patch_tus(request):
comp = request.env.file_upload
if request.content_type != 'application/offset+octet-stream':
raise exc.HTTPUnsupportedMediaType()
try:
upload_offset = int(request.headers['Upload-Offset'])
except (KeyError, ValueError):
raise exc.HTTPBadRequest()
fnd, fnm = comp.get_filename(request.matchdict['id'])
if not isfile(fnm):
raise exc.HTTPNotFound()
with open(fnm, 'rb') as fd:
meta = pickle.loads(fd.read())
size = meta['size']
# Don't upload more than declared file size.
if upload_offset + request.content_length > size:
raise UploadedFileTooLarge()
# Check minimum chunk size to prevent misconfiguration
remain = size - upload_offset
if request.content_length < min(remain, comp.tus_chunk_size_minimum):
raise exc.HTTPBadRequest()
with open(fnd, 'ab') as fd:
# Check for upload conflict
if upload_offset != fd.tell():
raise exc.HTTPConflict()
# Copy request body to data file. Input streaming is also supported
# here is some conditions: uwsgi - does, pserve - doesn't.
src_fd = request.body_file
while True:
buf = src_fd.read(BUF_SIZE)
if buf is None:
break
read = len(buf)
if len(buf) == 0:
break
if upload_offset + read > size:
raise UploadedFileTooLarge()
fd.write(buf)
upload_offset += read
if size == upload_offset:
# File upload completed
del meta['incomplete']
# Detect MIME-type
if 'mime_type' not in meta:
meta['mime_type'] = magic.from_file(fnd, mime=True)
# Save changes to metadata
with open(fnm, 'wb') as fd:
fd.write(pickle.dumps(meta))
return _tus_response(204, upload_offset=upload_offset)
def upload_action(request):
log.info("Received file upload request from %s" % request.remote_addr)
# Check if the file is really being sent
if 'image' not in request.POST:
log.error("Missing PORT parameter 'image'")
raise exc.HTTPBadRequest()
if 'meter_id' not in request.POST:
log.error("Missing PORT parameter 'meter_id'")
raise exc.HTTPBadRequest()
# Get application configuration
config = util.get_config()
# Get the filename
filename = request.POST['image'].filename
log.debug("Original filename: %s" % filename)
# Get meter_id from POST request
meter_id = request.POST['meter_id']
log.debug("Received meter_id: %s" % meter_id)
# Check if meter_id is not empty
# NOTE: Empty string in Python are falsy so we check it like this:
if not meter_id:
log.error("Meter ID is empty!")
raise exc.HTTPBadRequest()
# Get file contents
input_file = request.POST['image'].file
# Storing file in temporary location
temp_file_path = os.path.join(config['storage']['cache'],
'%s' % uuid.uuid4())
log.debug("Temporary file: %s" % temp_file_path)
# Finally write the data to a temporary file
input_file.seek(0)
with open(temp_file_path, 'wb') as output_file:
shutil.copyfileobj(input_file, output_file)
# let's check file if that the one we are looking for
if not util.check_file(temp_file_path):
log.error(
"File validation failed. Check the log file above for details.")
raise exc.HTTPUnsupportedMediaType()
else:
log.info("File validation passed")
# Now, after all validations, we can more the file to the storage
file_store_path = os.path.join(config['storage']['store'], meter_id,
'%s' % uuid.uuid4())
log.debug("Moving image to the storage as %s" % file_store_path)
# Creating subdirectory for meter_id if it doesn't exists
directory = os.path.dirname(file_store_path)
if not os.path.exists(directory):
os.makedirs(directory)
# moving the file to new directory
shutil.move(temp_file_path, file_store_path)
# Now, let's store file information in database
db.put_file(meter_id, file_store_path)
return Response("Uploaded")