def add_attachment_link(data, linked_object):
"""Add a link attachment to linked_object"""
folder = data.pop('folder', None)
if not folder:
folder = AttachmentFolder.get_or_create_default(linked_object=linked_object)
assert folder.object == linked_object
link = Attachment(user=session.user, type=AttachmentType.link, folder=folder)
link.populate_from_dict(data, skip={'acl', 'protected'})
if link.is_self_protected:
link.acl = data['acl']
db.session.flush()
logger.info('Attachment %s added by %s', link, session.user)
signals.attachments.attachment_created.send(link, user=session.user)
def _process(self):
form = AddAttachmentFilesForm(linked_object=self.object)
if form.validate_on_submit():
files = form.files.data
folder = form.folder.data or AttachmentFolder.get_or_create_default(linked_object=self.object)
for f in files:
filename = secure_filename(f.filename, 'attachment')
attachment = Attachment(folder=folder, user=session.user, title=to_unicode(f.filename),
type=AttachmentType.file, protection_mode=form.protection_mode.data)
if attachment.is_self_protected:
attachment.acl = form.acl.data
content_type = mimetypes.guess_type(f.filename)[0] or f.mimetype or 'application/octet-stream'
attachment.file = AttachmentFile(user=session.user, filename=filename, content_type=content_type)
attachment.file.save(f.stream)
db.session.add(attachment)
db.session.flush()
logger.info('Attachment %s uploaded by %s', attachment, session.user)
signals.attachments.attachment_created.send(attachment, user=session.user)
flash(ngettext("The attachment has been uploaded", "{count} attachments have been uploaded", len(files))
.format(count=len(files)), 'success')
return jsonify_data(attachment_list=_render_attachment_list(self.object))
return jsonify_template('attachments/upload.html', form=form, action=url_for('.upload', self.object),
protection_message=_render_protection_message(self.object),
folders_protection_info=_get_folders_protection_info(self.object))