def create():
if request.method == 'POST':
title = request.form['title']
body = request.form['body']
image_file = request.files['file']
error = None
if not title:
error = 'Title is required.'
if error is not None:
flash(error)
if not image_file:
flash("Please Attach a file")
else:
folder = f"user_{g.user.id}" # static/images
try:
image_path = image_helper.save_image(image_file, folder=folder)
basename = image_helper.get_path(image_path)
userModel = UserModel.find_user_by_id(g.user.id)
post = PostModel(title=title,
posts=body,
image_url=image_path,
user_id=userModel.id)
post.save_to_db()
except UploadNotAllowed:
extension = image_helper.get_extension(image_file)
flash("file with extension {} not allowed".format(extension))
return redirect(url_for('blog.index'))
return render_template('blog/create.html')
def get(cls, filename: str):
user_id = get_jwt_identity()
folder = "user_{}".format(user_id)
if not image_helper.is_filename_safe(filename):
return {"message": IMAGE_ILLEGAL_FILENAME}, 400
try:
return send_file(image_helper.get_path(filename, folder=folder))
except FileNotFoundError:
return {"message": IMAGE_NOT_FOUND}, 404
def get(cls, filename: str):
user_id = get_jwt_identity()
folder = f"user_{user_id}"
if not image_helper.is_filename_safe(filename):
return {"message": gettext("image_illegal_file_name").format(filename)}, 400
try:
return send_file(image_helper.get_path(filename, folder=folder))
except FileNotFoundError:
return {"message": gettext("image_not_found").format(filename)}, 404
def get(cls, filename: str):
"""Returns the requseted image if it exists. Looks up inside the logged user's folder"""
user_id = get_jwt_identity()
folder = f'user_{user_id}'
if not image_helper.is_filename_safe(filename):
return {'message': gettext("image_illegal_file_name").format(filename)}, 400
try:
return send_file(image_helper.get_path(filename, folder=folder))
except FileNotFoundError:
return {'message': gettext("image_not_found").format(filename)}, 404
def get(self, filename: str):
"""
Returns the requested image if it exists, looks up in the loggedin users folder
"""
user_id = get_jwt_identity()
folder = f"user_{user_id}"
if not image_helper.is_filename_safe(filename):
return {"message": IMAGE_ILLEGAL_FILE_NAME.format(filename)}, 400
try:
return send_file(image_helper.get_path(filename, folder=folder))
except FileNotFoundError:
return {"message": IMAGE_NOT_FOUND.format(filename)}, 404
def get(cls, filename: str):
"""Returns the requested image if it exists."""
folder = f"user_{get_jwt_identity()}"
if not image_helper.is_filename_safe(filename):
return {
"message": gettext("image_illegal_file_name").format(filename)
}, 400
try:
return send_file(image_helper.get_path(filename, folder))
except FileNotFoundError:
return {"message": gettext("image_not_found")}, 404
def delete(cls, filename: str):
user_id = get_jwt_identity()
folder = f'user_{user_id}'
if not image_helper.is_filename_safe(filename):
return {'message': gettext("image_illegal_file_name").format(filename)}, 400
try:
os.remove(image_helper.get_path(filename, folder=folder))
return {'message': gettext('image_deleted').format(filename)}, 200
except FileNotFoundError:
return {'message': gettext("image_not_found").format(filename)}, 404
except:
return {'message': gettext("image_delete_failed")}, 500
def get(cls, filename: str):
"""
Return requested image for user if exists
"""
user_id = get_jwt_identity()
folder = f"user_{user_id}"
if not image_helper.is_filename_safe():
return {"message": f"Image illegal filename"}, 400
try:
return send_file(image_helper.get_path(filename,
folder=folder)), 200
except FileNotFoundError:
return {'message': 'Image not found'}, 404
def delete(cls, filename):
user_id = get_jwt_identity()
folder = f"user_{user_id}"
if not image_helper.is_filename_safe(filename):
return {"message": gettext("image_illegal_file_name").format(filename)}, 400
try:
os.remove(image_helper.get_path(filename, folder=folder))
return {"message": gettext("image_deleted").format(filename)}, 200
except FileNotFoundError:
return {"message": gettext("image_not_found").format(filename)}, 400
except:
traceback.print_exc()
return {"message": gettext("image_delete_failed").format(filename)}, 500
def delete(cls, filename: str):
user_id = get_jwt_identity()
folder = "user_{}".format(user_id)
if not image_helper.is_filename_safe(filename):
return {"message": IMAGE_ILLEGAL_FILENAME}
try:
os.remove(image_helper.get_path(filename, folder=folder))
return {"message": IMAGE_DELETED}, 200
except FileNotFoundError:
return {"message": IMAGE_NOT_FOUND}, 404
except:
traceback.print_exc()
return {"message": IMAGE_DELETED_FAILED}, 500
def get(self, filename: str):
user_id = get_jwt_identity()
folder = f"user_{user_id}"
if not image_helper.is_filename_safe(filename):
return {
"message": gettext("image_FILENAME_NOT_SAFE").format(filename)
}, 400
try:
return send_file(image_helper.get_path(filename, folder=folder))
except FileNotFoundError:
return {"message": gettext("image_FILE_NOT_FOUND")}, 404
def delete(self, filename: str):
user_id = get_jwt_identity()
folder = f"user_{user_id}"
if not image_helper.is_filename_safe(filename):
return {"message": IMAGE_ILLEGAL_FILE_NAME.format(filename)}, 400
try:
os.remove(image_helper.get_path(filename, folder=folder))
return {"message": IMAGE_DELETED.format(filename)}, 200
except FileNotFoundError:
return {"message": IMAGE_NOT_FOUND.format(filename)}, 404
except:
return {"message": IMAGE_DELETE_FAILED.format(filename)}, 500
def get(cls, filename: str):
"""
Returns the requested image if it exists.
Looks up inside the logged in user's folder.
"""
user_id = get_jwt_identity()
folder = f"user_{user_id}"
if not image_helper.if_filename_safe(filename):
return {"message": f"Illegal filename '{filename}'"}, 400
try:
return send_file(image_helper.get_path(filename, folder=folder))
except FileNotFoundError:
return {"message": "Image Not Found"}, 404
def delete(cls, filename: str):
user_id = get_jwt_identity()
folder = f"user_{user_id}"
if not image_helper.if_filename_safe(filename):
return {"message": "Illegal filename '{filename}'"}, 400
try:
os.remove(image_helper.get_path(filename, folder=folder))
return {"message": f"Image {filename} deleted"}, 200
except FileNotFoundError:
return {"message": "Image Not Found"}, 404
except Exception as e:
print(e)
return {"message": "Image delete failed."}, 500
def get(self, filename: str):
"""
reeturns the requested image if it exists. look only for user pictures
"""
user_id = get_jwt_identity()
folder = f"user_{user_id}"
if not image_helper.is_filename_safe(filename):
return {
"message": gettext("image_illegal_file_name").format(filename)
}, 400
try:
return send_file(image_helper.get_path(filename, folder=folder))
except:
return {"message": gettext("image_not_found")}
def get(cls, filename: str):
"""
This endpoint returns the requested image if exists. It will use JWT to
retrieve user information and look for the image inside the user's folder.
"""
user_id = get_jwt_identity()
folder = f"user_{user_id}"
# check if filename is URL secure
if not image_helper.is_filename_safe(filename):
return {"message": gettext("image_illegal_file_name").format(filename)}, 400
try:
# try to send the requested file to the user with status code 200
return send_file(image_helper.get_path(filename, folder=folder))
except FileNotFoundError:
return {"message": gettext("image_not_found").format(filename)}, 404
def get(cls, filename: str):
"""
Returns the requested image if exists. Looks up into logged in user folder.
"""
user_id = get_jwt_identity()
folder = f"user_{user_id}"
if not image_helper.is_filename_safe(filename):
return {
'message': getext('image_illegal_filename').format(filename)
}, 400
try:
return send_file(image_helper.get_path(filename, folder))
except FileNotFoundError:
return {'message': getext('image_not_found').format(filename)}, 404
def delete(cls, filename: str):
"""
Allow an user to delete an image
"""
user_id = get_jwt_identity()
folder = f"user_{user_id}"
if not image_helper.is_filename_safe():
return {"message": f"Image illegal filename"}, 400
try:
os.remove(image_helper.get_path(filename, folder=folder))
return {"message": "Image Deleted"}, 200
except FileNotFoundError:
return {"message": "Image not found"}, 404
except:
traceback.print_exc()
return {"message": " Failed to delete image"}, 500
def delete(cls, filename: str):
"""Delete the image based on the file name."""
folder = f"user_{get_jwt_identity()}"
if not image_helper.is_filename_safe(filename):
return {
"message": gettext("image_illegal_file_name").format(filename)
}, 400
try:
os.remove(image_helper.get_path(filename, folder))
return {
"message": gettext("generic_deleted").format(filename)
}, 200
except FileNotFoundError:
return {"message": gettext("image_not_found")}, 404
except:
traceback.print_exc()
return {"message": gettext("image_delete_failed")}, 500
def post(cls):
"""
Used to upload an image to server
It users JWT to retrieve our information and then
saves the image to our image folder
If there's a file name conflict, it'll append the number
at the end
"""
data = image_schema.load(request.files) # {"image":FileStorage}
user_id = get_jwt_identity()
folder = f"user_{user_id}" # static/images
try:
image_path = image_helper.save_image(data['image'], folder=folder)
basename = image_helper.get_path(image_path)
return {"message": IMAGE_UPLOAD.format(basename)}, 201
except UploadNotAllowed:
extension = image_helper.get_extension(data["image"])
return {"message": IMAGE_ILLEGAL_EXTENSION.format(extension)}, 400
def delete(cls, filename: str):
"""
This endpoint is used to delete the requested image under the user's folder.
It uses the JWT to retrieve user information.
"""
user_id = get_jwt_identity()
folder = f"user_{user_id}"
# check if filename is URL secure
if not image_helper.is_filename_safe(filename):
return {"message": gettext("image_illegal_file_name").format(filename)}, 400
try:
os.remove(image_helper.get_path(filename, folder=folder))
return {"message": gettext("image_deleted").format(filename)}, 200
except FileNotFoundError:
return {"message": gettext("image_not_found").format(filename)}, 404
except:
traceback.print_exc()
return {"message": gettext("image_delete_failed")}, 500
def update(id):
user = UserModel.find_user_by_id(id)
if not user:
flash("User doesn't exist")
if request.method == 'POST':
full_names = request.form['full_names']
image_file = request.files['file']
error = None
if not full_names:
error = "Full Names Required"
if error is not None:
flash(error)
if not image_file:
flash("Please Attach a file")
else:
filename = f"user_{g.user.id}"
folder = "avatars"
try:
ext = image_helper.get_extension(image_file.filename)
avatar = filename + ext
image_path = image_helper.save_image(image_file,
folder=folder,
name=avatar)
basename = image_helper.get_path(image_path)
user.full_names = full_names
user.profile_pic = image_path
user.save_to_db()
#post = PostModel(title=title, posts=body, image_url=image_path, user_id=userModel.id)
#post.save_to_db()
except UploadNotAllowed:
extension = image_helper.get_extension(image_file)
flash("file with extension {} not allowed".format(extension))
return redirect(url_for('profile.get', id=user.id))
return render_template('/profile/edit_profile.html', user=user)