def requestParams(render):
"""
Jinja2 global: Allows for accessing the request-parameters from the template.
These returned values are escaped, as users tend to use these in an unsafe manner.
:returns: Dict of parameter and values.
:rtype: dict
"""
res = {}
for k, v in request.current.get().kwargs.items():
res[utils.escapeString(k)] = utils.escapeString(v)
return res
def upload( self, node=None, *args, **kwargs ):
try:
canAdd = self.canAdd("leaf", node)
except:
canAdd = False
if not canAdd:
for upload in self.getUploads():
upload.delete()
raise errors.Forbidden()
try:
res = []
if node:
# The file is uploaded into a rootNode
nodeSkel = self.editNodeSkel()
if not nodeSkel.fromDB(node):
for upload in self.getUploads():
upload.delete()
raise errors.NotFound()
else:
weak = False
parentDir = str(node)
parentRepo = nodeSkel["parentrepo"]
else:
weak = True
parentDir = None
parentRepo = None
# Handle the actual uploads
for upload in self.getUploads():
fileName = self.decodeFileName(upload.filename)
if str(upload.content_type).startswith("image/"):
try:
servingURL = images.get_serving_url(upload.key())
if request.current.get().isDevServer:
# NOTE: changed for Ticket ADMIN-37
servingURL = urlparse(servingURL).path
elif servingURL.startswith("http://"):
# Rewrite Serving-URLs to https if we are live
servingURL = servingURL.replace("http://", "https://")
except:
servingURL = ""
else:
servingURL = ""
fileSkel = self.addLeafSkel()
try:
# only fetching the file header or all if the file is smaller than 1M
data = blobstore.fetch_data(upload.key(), 0, min(upload.size, 1000000))
image = images.Image(image_data=data)
height = image.height
width = image.width
except Exception, err:
height = width = 0
logging.error(
"some error occurred while trying to fetch the image header with dimensions")
logging.exception(err)
fileSkel.setValues(
{
"name": utils.escapeString(fileName),
"size": upload.size,
"mimetype": utils.escapeString(upload.content_type),
"dlkey": str(upload.key()),
"servingurl": servingURL,
"parentdir": parentDir,
"parentrepo": parentRepo,
"weak": weak,
"width": width,
"height": height
}
)
fileSkel.toDB()
res.append(fileSkel)
self.onItemUploaded(fileSkel)
# Uploads stored successfully, generate response to the client
for r in res:
logging.info("Upload successful: %s (%s)" % (r["name"], r["dlkey"]))
user = utils.getCurrentUser()
if user:
logging.info("User: %s (%s)" % (user["name"], user["key"]))
return( self.render.addItemSuccess( res ) )
def fromClient(self, valuesCache, name, data):
"""
Reads a value from the client.
If this value is valid for this bone,
store this rawValue and return None.
Otherwise our previous value is
left unchanged and an error-message
is returned.
:param name: Our name in the :class:`server.skeleton.Skeleton`
:type name: str
:param data: *User-supplied* request-data
:type data: dict
:returns: str or None
"""
if name in data:
rawValue = data[name]
else:
rawValue = None
res = None
lastError = None
if self.multiple and self.languages:
res = LanguageWrapper(self.languages)
for lang in self.languages:
res[lang] = []
if "%s.%s" % (name, lang) in data:
val = data["%s.%s" % (name, lang)]
if isinstance(val, basestring):
err = self.isInvalid(val)
if not err:
res[lang].append(utils.escapeString(val))
else:
lastError = err
elif isinstance(val, list):
for v in val:
err = self.isInvalid(v)
if not err:
res[lang].append(utils.escapeString(v))
else:
lastError = err
if not any(res.values()) and not lastError:
lastError = "No rawValue entered"
elif self.multiple and not self.languages:
res = []
if not rawValue:
lastError = "No rawValue entered"
else:
if not isinstance(rawValue, list):
rawValue = [rawValue]
for val in rawValue:
err = self.isInvalid(val)
if not err:
res.append(utils.escapeString(val))
else:
lastError = err
if len(res) > 0:
res = res[0:254] # Max 254 character
else:
lastError = "No valid rawValue entered"
elif not self.multiple and self.languages:
res = LanguageWrapper(self.languages)
for lang in self.languages:
if "%s.%s" % (name, lang) in data:
val = data["%s.%s" % (name, lang)]
err = self.isInvalid(val)
if not err:
res[lang] = utils.escapeString(val)
else:
lastError = err
if len(res.keys()) == 0 and not lastError:
lastError = "No rawValue entered"
else:
err = self.isInvalid(rawValue)
if not err:
res = utils.escapeString(rawValue)
else:
lastError = err
if not rawValue and not lastError:
lastError = "No rawValue entered"
valuesCache[name] = res
return lastError